npm - js-confuser - Versions diffs - 1.7.1 → 1.7.3 - Mend

js-confuser 1.7.1 → 1.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (153) hide show

package/.github/workflows/node.js.yml +1 -1
package/CHANGELOG.md +73 -0
package/README.md +32 -31
package/dist/compiler.js +2 -8
package/dist/constants.js +22 -10
package/dist/index.js +15 -30
package/dist/obfuscator.js +15 -62
package/dist/options.js +33 -40
package/dist/order.js +4 -7
package/dist/parser.js +5 -13
package/dist/precedence.js +6 -8
package/dist/presets.js +4 -6
package/dist/probability.js +13 -24
package/dist/templates/bufferToString.js +121 -5
package/dist/templates/core.js +35 -0
package/dist/templates/crash.js +22 -11
package/dist/templates/es5.js +125 -6
package/dist/templates/functionLength.js +24 -6
package/dist/templates/globals.js +9 -0
package/dist/templates/template.js +189 -43
package/dist/transforms/antiTooling.js +26 -22
package/dist/transforms/calculator.js +19 -55
package/dist/transforms/controlFlowFlattening/controlFlowFlattening.js +242 -333
package/dist/transforms/controlFlowFlattening/expressionObfuscation.js +46 -25
package/dist/transforms/deadCode.js +542 -31
package/dist/transforms/dispatcher.js +112 -112
package/dist/transforms/es5/antiClass.js +70 -44
package/dist/transforms/es5/antiDestructuring.js +14 -38
package/dist/transforms/es5/antiES6Object.js +39 -48
package/dist/transforms/es5/antiSpreadOperator.js +5 -14
package/dist/transforms/es5/antiTemplate.js +10 -19
package/dist/transforms/es5/es5.js +7 -40
package/dist/transforms/extraction/classExtraction.js +83 -0
package/dist/transforms/extraction/duplicateLiteralsRemoval.js +41 -80
package/dist/transforms/extraction/objectExtraction.js +24 -56
package/dist/transforms/finalizer.js +6 -20
package/dist/transforms/flatten.js +51 -99
package/dist/transforms/identifier/globalAnalysis.js +21 -26
package/dist/transforms/identifier/globalConcealing.js +72 -56
package/dist/transforms/identifier/movedDeclarations.js +66 -38
package/dist/transforms/identifier/renameVariables.js +36 -68
package/dist/transforms/identifier/variableAnalysis.js +21 -48
package/dist/transforms/lock/antiDebug.js +20 -25
package/dist/transforms/lock/integrity.js +53 -52
package/dist/transforms/lock/lock.js +161 -126
package/dist/transforms/minify.js +77 -108
package/dist/transforms/opaquePredicates.js +12 -49
package/dist/transforms/preparation.js +28 -49
package/dist/transforms/renameLabels.js +5 -22
package/dist/transforms/rgf.js +125 -72
package/dist/transforms/shuffle.js +42 -47
package/dist/transforms/stack.js +41 -98
package/dist/transforms/string/encoding.js +76 -27
package/dist/transforms/string/stringCompression.js +75 -68
package/dist/transforms/string/stringConcealing.js +127 -135
package/dist/transforms/string/stringEncoding.js +6 -26
package/dist/transforms/string/stringSplitting.js +5 -30
package/dist/transforms/transform.js +76 -104
package/dist/traverse.js +11 -18
package/dist/util/compare.js +27 -29
package/dist/util/gen.js +32 -86
package/dist/util/guard.js +5 -1
package/dist/util/identifiers.js +9 -72
package/dist/util/insert.js +27 -77
package/dist/util/math.js +0 -3
package/dist/util/object.js +3 -7
package/dist/util/random.js +31 -36
package/dist/util/scope.js +6 -3
package/docs/Countermeasures.md +13 -6
package/docs/Integrity.md +35 -28
package/docs/RGF.md +6 -1
package/docs/RenameVariables.md +116 -0
package/docs/TamperProtection.md +100 -0
package/docs/Template.md +117 -0
package/package.json +3 -3
package/src/constants.ts +17 -0
package/src/index.ts +7 -5
package/src/options.ts +60 -7
package/src/order.ts +2 -2
package/src/templates/bufferToString.ts +79 -11
package/src/templates/core.ts +29 -0
package/src/templates/crash.ts +6 -38
package/src/templates/es5.ts +1 -1
package/src/templates/functionLength.ts +21 -3
package/src/templates/globals.ts +3 -0
package/src/templates/template.ts +205 -46
package/src/transforms/antiTooling.ts +33 -11
package/src/transforms/calculator.ts +4 -2
package/src/transforms/controlFlowFlattening/controlFlowFlattening.ts +12 -5
package/src/transforms/controlFlowFlattening/expressionObfuscation.ts +46 -10
package/src/transforms/deadCode.ts +74 -42
package/src/transforms/dispatcher.ts +99 -73
package/src/transforms/es5/antiClass.ts +25 -12
package/src/transforms/es5/antiDestructuring.ts +1 -1
package/src/transforms/es5/antiES6Object.ts +2 -2
package/src/transforms/es5/antiTemplate.ts +1 -1
package/src/transforms/extraction/classExtraction.ts +168 -0
package/src/transforms/extraction/duplicateLiteralsRemoval.ts +11 -16
package/src/transforms/extraction/objectExtraction.ts +4 -15
package/src/transforms/flatten.ts +20 -5
package/src/transforms/identifier/globalAnalysis.ts +18 -1
package/src/transforms/identifier/globalConcealing.ts +119 -72
package/src/transforms/identifier/movedDeclarations.ts +90 -24
package/src/transforms/identifier/renameVariables.ts +16 -1
package/src/transforms/lock/antiDebug.ts +2 -2
package/src/transforms/lock/integrity.ts +13 -11
package/src/transforms/lock/lock.ts +122 -30
package/src/transforms/minify.ts +28 -13
package/src/transforms/opaquePredicates.ts +2 -2
package/src/transforms/preparation.ts +16 -0
package/src/transforms/rgf.ts +139 -12
package/src/transforms/shuffle.ts +3 -3
package/src/transforms/stack.ts +19 -4
package/src/transforms/string/encoding.ts +88 -51
package/src/transforms/string/stringCompression.ts +86 -17
package/src/transforms/string/stringConcealing.ts +148 -118
package/src/transforms/string/stringEncoding.ts +1 -2
package/src/transforms/string/stringSplitting.ts +1 -2
package/src/transforms/transform.ts +63 -46
package/src/types.ts +2 -0
package/src/util/compare.ts +39 -5
package/src/util/gen.ts +10 -3
package/src/util/guard.ts +10 -0
package/src/util/insert.ts +17 -0
package/src/util/random.ts +81 -1
package/src/util/scope.ts +14 -2
package/test/code/Cash.test.ts +94 -5
package/test/code/StrictMode.src.js +65 -0
package/test/code/StrictMode.test.js +37 -0
package/test/compare.test.ts +62 -2
package/test/options.test.ts +129 -55
package/test/templates/template.test.ts +211 -1
package/test/transforms/controlFlowFlattening/expressionObfuscation.test.ts +37 -18
package/test/transforms/dispatcher.test.ts +55 -0
package/test/transforms/extraction/classExtraction.test.ts +86 -0
package/test/transforms/extraction/duplicateLiteralsRemoval.test.ts +8 -0
package/test/transforms/extraction/objectExtraction.test.ts +2 -0
package/test/transforms/identifier/globalConcealing.test.ts +89 -0
package/test/transforms/identifier/movedDeclarations.test.ts +61 -0
package/test/transforms/identifier/renameVariables.test.ts +75 -1
package/test/transforms/lock/tamperProtection.test.ts +336 -0
package/test/transforms/minify.test.ts +37 -0
package/test/transforms/rgf.test.ts +50 -0
package/dist/transforms/controlFlowFlattening/choiceFlowObfuscation.js +0 -62
package/dist/transforms/controlFlowFlattening/controlFlowObfuscation.js +0 -159
package/dist/transforms/controlFlowFlattening/switchCaseObfuscation.js +0 -106
package/dist/transforms/eval.js +0 -84
package/dist/transforms/hexadecimalNumbers.js +0 -63
package/dist/transforms/hideInitializingCode.js +0 -270
package/dist/transforms/identifier/nameRecycling.js +0 -218
package/dist/transforms/label.js +0 -67
package/dist/transforms/preparation/nameConflicts.js +0 -116
package/dist/transforms/preparation/preparation.js +0 -188

package/dist/transforms/lock/lock.js CHANGED Viewed

@@ -4,272 +4,312 @@ Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.default = void 0;
 var _transform = _interopRequireDefault(require("../transform"));
 var _gen = require("../../util/gen");
 var _traverse = _interopRequireWildcard(require("../../traverse"));
 var _random = require("../../util/random");
 var _crash = require("../../templates/crash");
 var _insert = require("../../util/insert");
 var _template = _interopRequireDefault(require("../../templates/template"));
 var _order = require("../../order");
 var _integrity = _interopRequireDefault(require("./integrity"));
 var _antiDebug = _interopRequireDefault(require("./antiDebug"));
 var _identifiers = require("../../util/identifiers");
 var _compare = require("../../util/compare");
 var _assert = require("assert");
-function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "function") return null; var cacheBabelInterop = new WeakMap(); var cacheNodeInterop = new WeakMap(); return (_getRequireWildcardCache = function (nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
-function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
-function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
-function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
+var _core = require("../../templates/core");
+function _getRequireWildcardCache(e) { if ("function" != typeof WeakMap) return null; var r = new WeakMap(), t = new WeakMap(); return (_getRequireWildcardCache = function (e) { return e ? t : r; })(e); }
+function _interopRequireWildcard(e, r) { if (!r && e && e.__esModule) return e; if (null === e || "object" != typeof e && "function" != typeof e) return { default: e }; var t = _getRequireWildcardCache(r); if (t && t.has(e)) return t.get(e); var n = { __proto__: null }, a = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var u in e) if ("default" !== u && {}.hasOwnProperty.call(e, u)) { var i = a ? Object.getOwnPropertyDescriptor(e, u) : null; i && (i.get || i.set) ? Object.defineProperty(n, u, i) : n[u] = e[u]; } return n.default = e, t && t.set(e, n), n; }
+function _interopRequireDefault(e) { return e && e.__esModule ? e : { default: e }; }
+function _defineProperty(e, r, t) { return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, { value: t, enumerable: !0, configurable: !0, writable: !0 }) : e[r] = t, e; }
+function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == typeof i ? i : i + ""; }
+function _toPrimitive(t, r) { if ("object" != typeof t || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != typeof i) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
 /**
  * Applies browser & date locks.
  */
 class Lock extends _transform.default {
-  /**
-   * This is a boolean variable injected into the source code determining wether the countermeasures function has been called.
-   * This is used to prevent infinite loops from happening
-   */
+  shouldTransformNativeFunction(nameAndPropertyPath) {
+    if (!this.options.lock.tamperProtection) {
+      return false;
+    }
+    if (typeof this.options.lock.tamperProtection === "function") {
+      return this.options.lock.tamperProtection(nameAndPropertyPath.join("."));
+    }
+    if (this.options.target === "browser" && nameAndPropertyPath.length === 1 && nameAndPropertyPath[0] === "fetch") {
+      return true;
+    }
+    // TODO: Allow user to customize this behavior
+    var globalObject = typeof window !== "undefined" ? window : global;
+    var fn = globalObject;
+    for (var item of nameAndPropertyPath) {
+      fn = fn[item];
+      if (typeof fn === "undefined") return false;
+    }
+    var hasNativeCode = typeof fn === "function" && ("" + fn).includes("[native code]");
+    return hasNativeCode;
+  }
   constructor(o) {
-    super(o, _order.ObfuscateOrder.Lock); // Removed feature
+    super(o, _order.ObfuscateOrder.Lock);
+    // Removed feature
     // if (this.options.lock.startDate && this.options.lock.endDate) {
     //   this.before.push(new LockStrings(o));
     // }
     _defineProperty(this, "globalVar", void 0);
     _defineProperty(this, "counterMeasuresNode", void 0);
     _defineProperty(this, "iosDetectFn", void 0);
+    /**
+     * This is a boolean variable injected into the source code determining wether the countermeasures function has been called.
+     * This is used to prevent infinite loops from happening
+     */
     _defineProperty(this, "counterMeasuresActivated", void 0);
+    /**
+     * The name of the native function that is used to check runtime calls for tampering
+     */
+    _defineProperty(this, "nativeFunctionName", void 0);
     _defineProperty(this, "made", void 0);
     if (this.options.lock.integrity) {
       this.before.push(new _integrity.default(o, this));
     }
     if (this.options.lock.antiDebug) {
       this.before.push(new _antiDebug.default(o, this));
     }
     this.made = 0;
   }
   apply(tree) {
     if (typeof this.options.lock.countermeasures === "string" && (0, _compare.isValidIdentifier)(this.options.lock.countermeasures)) {
       (0, _traverse.default)(tree, (object, parents) => {
         if (object.type == "Identifier" && object.name === this.options.lock.countermeasures) {
           var info = (0, _identifiers.getIdentifierInfo)(object, parents);
           if (info.spec.isDefined) {
             if (this.counterMeasuresNode) {
               throw new Error("Countermeasures function was already defined, it must have a unique name from the rest of your code");
             } else {
               var definingContext = (0, _insert.getVarContext)(parents[0], parents.slice(1));
               if (definingContext != tree) {
                 throw new Error("Countermeasures function must be defined at the global level");
               }
               var chain = [object, parents];
               if (info.isFunctionDeclaration) {
                 chain = [parents[0], parents.slice(1)];
               } else if (info.isVariableDeclaration) {
                 chain = [parents[1], parents.slice(2)];
               }
               this.counterMeasuresNode = chain;
             }
           }
         }
       });
       if (!this.counterMeasuresNode) {
         throw new Error("Countermeasures function named '" + this.options.lock.countermeasures + "' was not found.");
       }
     }
     super.apply(tree);
-  }
+    if (this.options.lock.tamperProtection) {
+      this.nativeFunctionName = this.getPlaceholder() + "_lockNative";
+      // Ensure program is not in strict mode
+      // Tamper Protection forces non-strict mode
+      var strictModeCheck = new _template.default(`
+        (function(){
+          function isStrictMode(){
+            try {
+              var arr = []
+              delete arr["length"]
+            } catch(e) {
+              return true;
+            }
+            return false;
+          }
+          if(isStrictMode()) {
+            {countermeasures}
+            ${this.nativeFunctionName} = undefined;
+          }
+        })()
+        `).single({
+        countermeasures: this.getCounterMeasuresCode(tree, [])
+      });
+      // $multiTransformSkip is used to prevent scoping between transformations
+      strictModeCheck.$multiTransformSkip = true;
+      (0, _insert.prepend)(tree, strictModeCheck);
+      var nativeFunctionCheck = new _template.default(`
+        function ${this.nativeFunctionName}() {
+          {IndexOfTemplate}
+          function checkFunction(fn){
+            if (indexOf("" + fn, '{ [native code] }') === -1
+            ||
+            typeof Object.getOwnPropertyDescriptor(fn, "toString") !== "undefined"
+            ) {
+              {countermeasures}
+              return undefined
+            }
+            return fn;
+          }
+          var args = arguments
+          if(args.length === 1) {
+            return checkFunction(args[0]);
+          } else if (args.length === 2) {
+            var object = args[0];
+            var property = args[1];
+            var fn = object[property];
+            fn = checkFunction(fn);
+            return fn.bind(object);
+          }
+        }`).single({
+        IndexOfTemplate: _core.IndexOfTemplate,
+        countermeasures: this.getCounterMeasuresCode(tree, [])
+      });
+      // $multiTransformSkip is used to prevent scoping between transformations
+      nativeFunctionCheck.$multiTransformSkip = true;
+      (0, _insert.prepend)(tree, nativeFunctionCheck);
+    }
+  }
   getCounterMeasuresCode(object, parents) {
     var opt = this.options.lock.countermeasures;
     if (opt === false) {
       return null;
-    } // Call function
+    }
+    // Call function
     if (typeof opt === "string") {
       if (!this.counterMeasuresActivated) {
         this.counterMeasuresActivated = this.getPlaceholder();
         (0, _insert.prepend)(parents[parents.length - 1] || object, (0, _gen.VariableDeclaration)((0, _gen.VariableDeclarator)(this.counterMeasuresActivated)));
-      } // Since Lock occurs before variable renaming, we are using the pre-obfuscated function name
+      }
-      return [(0, _gen.ExpressionStatement)((0, _gen.LogicalExpression)("||", (0, _gen.Identifier)(this.counterMeasuresActivated), (0, _gen.SequenceExpression)([(0, _gen.AssignmentExpression)("=", (0, _gen.Identifier)(this.counterMeasuresActivated), (0, _gen.Literal)(true)), (0, _gen.CallExpression)((0, _template.default)(opt).single().expression, [])])))];
+      // Since Lock occurs before variable renaming, we are using the pre-obfuscated function name
+      return [(0, _gen.ExpressionStatement)((0, _gen.LogicalExpression)("||", (0, _gen.Identifier)(this.counterMeasuresActivated), (0, _gen.SequenceExpression)([(0, _gen.AssignmentExpression)("=", (0, _gen.Identifier)(this.counterMeasuresActivated), (0, _gen.Literal)(true)), (0, _gen.CallExpression)(new _template.default(opt).single().expression, [])])))];
     }
-    var type = (0, _random.choice)(["crash", "exit"]);
-    switch (type) {
-      case "crash":
-        var varName = this.getPlaceholder();
-        return (0, _random.choice)([_crash.CrashTemplate1, _crash.CrashTemplate2, _crash.CrashTemplate3]).compile({
-          var: varName
-        });
-      case "exit":
-        if (this.options.target == "browser") {
-          return (0, _template.default)("document.documentElement.innerHTML = '';").compile();
-        }
-        return (0, _template.default)("process.exit()").compile();
-    }
+    // Default fallback to infinite loop
+    var varName = this.getPlaceholder();
+    return (0, _random.choice)([_crash.CrashTemplate1, _crash.CrashTemplate2]).compile({
+      var: varName
+    });
   }
   /**
    * Converts Dates to numbers, then applies some randomness
    * @param object
    */
   getTime(object) {
     if (!object) {
       return 0;
     }
     if (object instanceof Date) {
       return this.getTime(object.getTime());
     }
     return object + (0, _random.getRandomInteger)(-4000, 4000);
   }
   match(object, parents) {
     return (0, _traverse.isBlock)(object);
   }
   transform(object, parents) {
     if (parents.find(x => (0, _compare.isLoop)(x) && x.type != "SwitchStatement")) {
       return;
-    } // no check in countermeasures code, otherwise it will infinitely call itself
+    }
+    // no check in countermeasures code, otherwise it will infinitely call itself
     if (this.counterMeasuresNode && (object == this.counterMeasuresNode[0] || parents.indexOf(this.counterMeasuresNode[0]) !== -1)) {
       return;
     }
     var block = (0, _traverse.getBlock)(object, parents);
     var choices = [];
     if (this.options.lock.startDate) {
       choices.push("startDate");
     }
     if (this.options.lock.endDate) {
       choices.push("endDate");
     }
     if (this.options.lock.domainLock && this.options.lock.domainLock.length) {
       choices.push("domainLock");
     }
     if (this.options.lock.context && this.options.lock.context.length) {
       choices.push("context");
     }
     if (this.options.lock.browserLock && this.options.lock.browserLock.length) {
       choices.push("browserLock");
     }
     if (this.options.lock.osLock && this.options.lock.osLock.length) {
       choices.push("osLock");
     }
     if (this.options.lock.selfDefending) {
       choices.push("selfDefending");
     }
     if (!choices.length) {
       return;
     }
     return () => {
       this.made++;
       if (this.made > 150) {
         return;
       }
       var type = (0, _random.choice)(choices);
       var nodes = [];
       var dateNow = (0, _gen.CallExpression)((0, _gen.MemberExpression)((0, _gen.Identifier)("Date"), (0, _gen.Literal)("now"), true), []);
       if (Math.random() > 0.5) {
         dateNow = (0, _gen.CallExpression)((0, _gen.MemberExpression)((0, _gen.NewExpression)((0, _gen.Identifier)("Date"), []), (0, _gen.Literal)("getTime")), []);
       }
       if (Math.random() > 0.5) {
         dateNow = (0, _gen.CallExpression)((0, _gen.MemberExpression)((0, _gen.MemberExpression)((0, _gen.MemberExpression)((0, _gen.Identifier)("Date"), (0, _gen.Literal)("prototype"), true), (0, _gen.Literal)("getTime"), true), (0, _gen.Literal)("call"), true), [(0, _gen.NewExpression)((0, _gen.Identifier)("Date"), [])]);
       }
       var test;
       var offset = 0;
       switch (type) {
         case "selfDefending":
           // A very simple mechanism inspired from https://github.com/javascript-obfuscator/javascript-obfuscator/blob/master/src/custom-code-helpers/self-defending/templates/SelfDefendingNoEvalTemplate.ts
           // regExp checks for a newline, formatters add these
-          var callExpression = (0, _template.default)("\n            (\n              function(){\n                // Breaks JSNice.org, beautifier.io\n                var namedFunction = function(){\n                  const test = function(){\n                    const regExp=new RegExp('\\n');\n                    return regExp['test'](namedFunction)\n                  };\n                  return test()\n                }\n\n                return namedFunction();\n              }\n            )()\n            ").single().expression;
+          var callExpression = new _template.default(`
+            (
+              function(){
+                // Breaks JSNice.org, beautifier.io
+                var namedFunction = function(){
+                  const test = function(){
+                    const regExp=new RegExp('\\n');
+                    return regExp['test'](namedFunction)
+                  };
+                  return test()
+                }
+                return namedFunction();
+              }
+            )()
+            `).single().expression;
           nodes.push((0, _gen.IfStatement)(callExpression, this.getCounterMeasuresCode(object, parents) || [], null));
           break;
         case "startDate":
           test = (0, _gen.BinaryExpression)("<", dateNow, (0, _gen.Literal)(this.getTime(this.options.lock.startDate)));
           nodes.push((0, _gen.IfStatement)(test, this.getCounterMeasuresCode(object, parents) || [], null));
           break;
         case "endDate":
           test = (0, _gen.BinaryExpression)(">", dateNow, (0, _gen.Literal)(this.getTime(this.options.lock.endDate)));
           nodes.push((0, _gen.IfStatement)(test, this.getCounterMeasuresCode(object, parents) || [], null));
           break;
         case "context":
           var prop = (0, _random.choice)(this.options.lock.context);
-          var code = this.getCounterMeasuresCode(object, parents) || []; // Todo: Alternative to `this`
+          var code = this.getCounterMeasuresCode(object, parents) || [];
+          // Todo: Alternative to `this`
           if (!this.globalVar) {
             offset = 1;
             this.globalVar = this.getPlaceholder();
             (0, _insert.prepend)(parents[parents.length - 1] || block, (0, _gen.VariableDeclaration)((0, _gen.VariableDeclarator)(this.globalVar, (0, _gen.LogicalExpression)("||", (0, _gen.Identifier)(this.options.globalVariables.keys().next().value), (0, _gen.ThisExpression)()))));
           }
           test = (0, _gen.UnaryExpression)("!", (0, _gen.MemberExpression)((0, _gen.Identifier)(this.globalVar), (0, _gen.Literal)(prop), true));
           nodes.push((0, _gen.IfStatement)(test, code, null));
           break;
         case "osLock":
-          var navigatorUserAgent = (0, _template.default)("window.navigator.userAgent.toLowerCase()").single().expression;
+          var navigatorUserAgent = new _template.default(`window.navigator.userAgent.toLowerCase()`).single().expression;
           (0, _assert.ok)(this.options.lock.osLock);
           var code = this.getCounterMeasuresCode(object, parents) || [];
           this.options.lock.osLock.forEach(osName => {
@@ -281,74 +321,76 @@ class Lock extends _transform.default {
               ios: "---"
             }[osName];
             var thisTest = (0, _gen.CallExpression)((0, _gen.MemberExpression)(navigatorUserAgent, (0, _gen.Literal)("match"), true), [(0, _gen.Literal)(agentMatcher.toLowerCase())]);
             if (osName == "ios" && this.options.target === "browser") {
               if (!this.iosDetectFn) {
                 this.iosDetectFn = this.getPlaceholder();
-                (0, _insert.prepend)(parents[parents.length - 1] || object, (0, _template.default)("function ".concat(this.iosDetectFn, "() {\n                  return [\n                    'iPad Simulator',\n                    'iPhone Simulator',\n                    'iPod Simulator',\n                    'iPad',\n                    'iPhone',\n                    'iPod'\n                  ].includes(navigator.platform)\n                  // iPad on iOS 13 detection\n                  || (navigator.userAgent.includes(\"Mac\") && \"ontouchend\" in document)\n                }")).single());
+                (0, _insert.prepend)(parents[parents.length - 1] || object, new _template.default(`function ${this.iosDetectFn}() {
+                  return [
+                    'iPad Simulator',
+                    'iPhone Simulator',
+                    'iPod Simulator',
+                    'iPad',
+                    'iPhone',
+                    'iPod'
+                  ].includes(navigator.platform)
+                  // iPad on iOS 13 detection
+                  || (navigator.userAgent.includes("Mac") && "ontouchend" in document)
+                }`).single());
               }
               thisTest = (0, _gen.CallExpression)((0, _gen.Identifier)(this.iosDetectFn), []);
             }
             if (this.options.target === "node") {
               var platformName = {
                 windows: "win32",
                 osx: "darwin",
                 ios: "darwin"
               }[osName] || osName;
-              thisTest = (0, _template.default)("require('os').platform()===\"".concat(platformName, "\"")).single().expression;
+              thisTest = new _template.default(`require('os').platform()==="${platformName}"`).single().expression;
             }
             if (!test) {
               test = thisTest;
             } else {
-              test = (0, _gen.LogicalExpression)("||", { ...test
+              test = (0, _gen.LogicalExpression)("||", {
+                ...test
               }, thisTest);
             }
           });
-          test = (0, _gen.UnaryExpression)("!", { ...test
+          test = (0, _gen.UnaryExpression)("!", {
+            ...test
           });
           nodes.push((0, _gen.IfStatement)(test, code, null));
           break;
         case "browserLock":
-          var navigatorUserAgent = (0, _template.default)("window.navigator.userAgent.toLowerCase()").single().expression;
+          var navigatorUserAgent = new _template.default(`window.navigator.userAgent.toLowerCase()`).single().expression;
           (0, _assert.ok)(this.options.lock.browserLock);
           this.options.lock.browserLock.forEach(browserName => {
             var thisTest = (0, _gen.CallExpression)((0, _gen.MemberExpression)(navigatorUserAgent, (0, _gen.Literal)("match"), true), [(0, _gen.Literal)(browserName == "iexplorer" ? "msie" : browserName.toLowerCase())]);
             if (browserName === "safari") {
-              thisTest = (0, _template.default)("/^((?!chrome|android).)*safari/i.test(navigator.userAgent)").single().expression;
+              thisTest = new _template.default(`/^((?!chrome|android).)*safari/i.test(navigator.userAgent)`).single().expression;
             }
             if (!test) {
               test = thisTest;
             } else {
-              test = (0, _gen.LogicalExpression)("||", { ...test
+              test = (0, _gen.LogicalExpression)("||", {
+                ...test
               }, thisTest);
             }
           });
-          test = (0, _gen.UnaryExpression)("!", { ...test
+          test = (0, _gen.UnaryExpression)("!", {
+            ...test
           });
           nodes.push((0, _gen.IfStatement)(test, this.getCounterMeasuresCode(object, parents) || [], null));
           break;
         case "domainLock":
           function removeSlashes(path) {
             var count = path.length - 1;
             var index = 0;
             while (path.charCodeAt(index) === 47 && ++index);
             while (path.charCodeAt(count) === 47 && --count);
             return path.slice(index, count + 1);
           }
           var locationHref = (0, _gen.MemberExpression)((0, _gen.Identifier)("location"), (0, _gen.Literal)("href"), true);
           var random = (0, _random.choice)(this.options.lock.domainLock);
           if (random) {
             test = (0, _gen.CallExpression)((0, _gen.MemberExpression)(locationHref, (0, _gen.Literal)("match"), true), [{
               type: "Literal",
@@ -358,21 +400,16 @@ class Lock extends _transform.default {
               }
             }]);
             test = (0, _gen.UnaryExpression)("!", test);
             if (Math.random() > 0.5) {
               test = (0, _gen.LogicalExpression)("||", (0, _gen.BinaryExpression)("==", (0, _gen.UnaryExpression)("typeof", (0, _gen.Identifier)("location")), (0, _gen.Literal)("undefined")), test);
             }
             nodes.push((0, _gen.IfStatement)(test, this.getCounterMeasuresCode(object, parents) || [], null));
           }
           break;
       }
       if (nodes.length) {
         var body = (0, _insert.getBlockBody)(block);
         var randomIndex = (0, _random.getRandomInteger)(0, body.length) + offset;
         if (randomIndex >= body.length) {
           body.push(...nodes);
         } else {
@@ -381,7 +418,5 @@ class Lock extends _transform.default {
       }
     };
   }
 }
 exports.default = Lock;