js-confuser 1.7.1 → 1.7.3

package/src/transforms/rgf.ts

@@ -1,15 +1,20 @@
 import { compileJsSync } from "../compiler";
-import { reservedIdentifiers } from "../constants";
+import { predictableFunctionTag, reservedIdentifiers } from "../constants";
 import Obfuscator from "../obfuscator";
 import { ObfuscateOrder } from "../order";
 import { ComputeProbabilityMap } from "../probability";
+import { FunctionLengthTemplate } from "../templates/functionLength";
+import { ObjectDefineProperty } from "../templates/globals";
+import Template from "../templates/template";
 import { walk } from "../traverse";
 import {
   ArrayExpression,
   BlockStatement,
   CallExpression,
+  ExpressionStatement,
   Identifier,
   Literal,
+  LogicalExpression,
   MemberExpression,
   NewExpression,
   Node,
@@ -19,7 +24,11 @@ import {
   VariableDeclarator,
 } from "../util/gen";
 import { getIdentifierInfo } from "../util/identifiers";
-import { prepend, getDefiningContext } from "../util/insert";
+import {
+  prepend,
+  getDefiningContext,
+  computeFunctionLength,
+} from "../util/insert";
 import Integrity from "./lock/integrity";
 import Transform from "./transform";
 
@@ -38,6 +47,16 @@ export default class RGF extends Transform {
   // The name of the array holding all the `new Function` expressions
   arrayExpressionName: string;
 
+  functionLengthName: string;
+
+  getFunctionLengthName(parents: Node[]) {
+    if (!this.functionLengthName) {
+      this.functionLengthName = this.getPlaceholder();
+    }
+
+    return this.functionLengthName;
+  }
+
   constructor(o) {
     super(o, ObfuscateOrder.RGF);
 
@@ -50,14 +69,54 @@ export default class RGF extends Transform {
 
     // Only add the array if there were converted functions
     if (this.arrayExpressionElements.length > 0) {
+      var variableDeclaration = VariableDeclaration(
+        VariableDeclarator(
+          Identifier(this.arrayExpressionName),
+          ArrayExpression(this.arrayExpressionElements)
+        )
+      );
+
+      var nodes: Node[] = [variableDeclaration];
+
+      if (this.options.lock?.tamperProtection) {
+        // The name of the variable flag if eval is safe to use
+        var tamperProtectionCheckName = this.getPlaceholder() + "_rgfEvalCheck";
+
+        variableDeclaration.declarations[0].init = LogicalExpression(
+          "&&",
+          Identifier(tamperProtectionCheckName),
+          { ...variableDeclaration.declarations[0].init }
+        );
+
+        nodes.unshift(
+          ...new Template(`
+            var ${tamperProtectionCheckName} = false;
+            eval(${this.jsConfuserVar(tamperProtectionCheckName)} + "=true");
+            if(!${tamperProtectionCheckName}) {
+              {countermeasures}
+            }
+            `).compile({
+            countermeasures: this.lockTransform.getCounterMeasuresCode(
+              tree,
+              []
+            ),
+          })
+        );
+      }
+
+      prepend(tree, ...nodes);
+    }
+
+    // The function.length helper function must be placed last
+    if (this.functionLengthName) {
       prepend(
         tree,
-        VariableDeclaration(
-          VariableDeclarator(
-            Identifier(this.arrayExpressionName),
-            ArrayExpression(this.arrayExpressionElements)
-          )
-        )
+        FunctionLengthTemplate.single({
+          name: this.functionLengthName,
+          ObjectDefineProperty: this.createInitVariable(ObjectDefineProperty, [
+            tree,
+          ]),
+        })
       );
     }
   }
@@ -141,6 +200,7 @@ export default class RGF extends Transform {
       walk(object, parents, (o, p) => {
         if (
           o.type === "Identifier" &&
+          o.name !== this.arrayExpressionName &&
           !reservedIdentifiers.has(o.name) &&
           !this.options.globalVariables.has(o.name)
         ) {
@@ -200,6 +260,7 @@ export default class RGF extends Transform {
       });
 
       if (obfuscator.options.lock) {
+        obfuscator.options.lock = { ...obfuscator.options.lock };
         delete obfuscator.options.lock.countermeasures;
 
         // Integrity will not recursively apply to RGF'd functions. This is intended.
@@ -226,9 +287,26 @@ export default class RGF extends Transform {
         generator: false,
       };
 
+      // The new program will look like this
+      // new Function(`
+      //  var rgf_array = this[0]
+      //  function greet(message){
+      //      console.log(message)
+      //  }
+      //  return greet.apply(this[1], arguments)
+      // `)
+      //
+      // And called like
+      // f.apply([ rgf_array, this ], arguments)
       var tree = {
         type: "Program",
         body: [
+          VariableDeclaration(
+            VariableDeclarator(
+              this.arrayExpressionName,
+              MemberExpression(ThisExpression(), Literal(0))
+            )
+          ),
           embeddedFunction,
           ReturnStatement(
             CallExpression(
@@ -237,7 +315,10 @@ export default class RGF extends Transform {
                 Literal("apply"),
                 true
               ),
-              [ThisExpression(), Identifier("arguments")]
+              [
+                MemberExpression(ThisExpression(), Literal(1)),
+                Identifier("arguments"),
+              ]
             )
           ),
         ],
@@ -250,10 +331,18 @@ export default class RGF extends Transform {
       var toString = compileJsSync(tree, obfuscator.options);
 
       // new Function(code)
-      var newFunctionExpression = NewExpression(Identifier("Function"), [
+      var newFunctionExpression: Node = NewExpression(Identifier("Function"), [
         Literal(toString),
       ]);
 
+      if (this.options.lock?.tamperProtection) {
+        // If tamper protection is enabled, wrap the function in an eval
+        var randomName = this.getGenerator("randomized").generate();
+        newFunctionExpression = CallExpression(Identifier("eval"), [
+          Literal(`function ${randomName}(){ ${toString} } ${randomName}`),
+        ]);
+      }
+
       // The index where this function is placed in the array
       var newFunctionExpressionIndex = this.arrayExpressionElements.length;
 
@@ -261,12 +350,14 @@ export default class RGF extends Transform {
       this.arrayExpressionElements.push(newFunctionExpression);
 
       // The member expression to retrieve this function
-      var memberExpression = MemberExpression(
+      var memberExpression: Node = MemberExpression(
         Identifier(this.arrayExpressionName),
         Literal(newFunctionExpressionIndex),
         true
       );
 
+      var originalFunctionLength = computeFunctionLength(object.params);
+
       // Replace based on type
 
       // (1) Function Declaration:
@@ -276,19 +367,55 @@ export default class RGF extends Transform {
           ReturnStatement(
             CallExpression(
               MemberExpression(memberExpression, Literal("apply"), true),
-              [ThisExpression(), Identifier("arguments")]
+              [
+                ArrayExpression([
+                  Identifier(this.arrayExpressionName),
+                  ThisExpression(),
+                ]),
+                Identifier("arguments"),
+              ]
             )
           ),
         ]);
 
         // The parameters are no longer needed ('arguments' is used to capture them)
         object.params = [];
+
+        // The function is no longer guaranteed to not have extraneous parameters passed in
+        object[predictableFunctionTag] = false;
+
+        if (
+          this.options.preserveFunctionLength &&
+          originalFunctionLength !== 0
+        ) {
+          var body = parents[0] as unknown as Node[];
+
+          body.splice(
+            body.indexOf(object),
+            0,
+            ExpressionStatement(
+              CallExpression(Identifier(this.getFunctionLengthName(parents)), [
+                Identifier(object.id.name),
+                Literal(originalFunctionLength),
+              ])
+            )
+          );
+        }
         return;
       }
 
       // (2) Function Expression:
       // - Replace expression with member expression pointing to new function
       if (object.type === "FunctionExpression") {
+        if (
+          this.options.preserveFunctionLength &&
+          originalFunctionLength !== 0
+        ) {
+          memberExpression = CallExpression(
+            Identifier(this.getFunctionLengthName(parents)),
+            [memberExpression, Literal(originalFunctionLength)]
+          );
+        }
         this.replace(object, memberExpression);
         return;
       }

package/src/transforms/shuffle.ts

@@ -37,7 +37,7 @@ var Hash = function (s) {
   return ~~String(a).slice(0, 3);
 };
 
-var HashTemplate = Template(
+var HashTemplate = new Template(
   `
   var {name} = function(arr) {
     var s = arr.map(x=>x+"").join(''), a = 1, c = 0, h, o;
@@ -68,7 +68,7 @@ export default class Shuffle extends Transform {
   match(object, parents) {
     return (
       object.type == "ArrayExpression" &&
-      !parents.find((x) => x.$dispatcherSkip)
+      !parents.find((x) => x.$multiTransformSkip)
     );
   }
 
@@ -168,7 +168,7 @@ export default class Shuffle extends Transform {
         if (mode !== "hash") {
           var varPrefix = this.getPlaceholder();
           code.push(
-            Template(`
+            new Template(`
             for ( var ${varPrefix}x = 16; ${varPrefix}x%4 === 0; ${varPrefix}x++) {
               var ${varPrefix}z = 0;
               ${

package/src/transforms/stack.ts

@@ -16,6 +16,8 @@ import {
   RestElement,
   ReturnStatement,
   SequenceExpression,
+  VariableDeclaration,
+  VariableDeclarator,
 } from "../util/gen";
 import { getIdentifierInfo } from "../util/identifiers";
 import {
@@ -32,6 +34,8 @@ import { chance, choice, getRandomInteger } from "../util/random";
 import Transform from "./transform";
 import { noRenameVariablePrefix } from "../constants";
 import { FunctionLengthTemplate } from "../templates/functionLength";
+import { ObjectDefineProperty } from "../templates/globals";
+import { isJSConfuserVar } from "../util/guard";
 
 export default class Stack extends Transform {
   mangledExpressionsMade: number;
@@ -49,7 +53,7 @@ export default class Stack extends Transform {
       isFunction(object) &&
       !object.params.find((x) => x.type !== "Identifier") &&
       object.body.type === "BlockStatement" &&
-      !parents.find((x) => x.$dispatcherSkip) &&
+      !parents.find((x) => x.$multiTransformSkip) &&
       !object.$requiresEval
     );
   }
@@ -144,6 +148,11 @@ export default class Stack extends Transform {
             illegal.add(o.name);
           }
 
+          // Ignore __JS_CONFUSER_VAR__()
+          if (isJSConfuserVar(p)) {
+            illegal.add(o.name);
+          }
+
           if (
             info.isClauseParameter ||
             info.isFunctionParameter ||
@@ -494,15 +503,21 @@ export default class Stack extends Transform {
       // Ensure the array is correct length
       prepend(
         object.body,
-        Template(`${stackName}["length"] = ${startingSize}`).single()
+        new Template(`${stackName}["length"] = ${startingSize}`).single()
       );
 
-      if (originalFunctionLength !== 0) {
+      if (this.options.preserveFunctionLength && originalFunctionLength !== 0) {
         if (!this.functionLengthName) {
           this.functionLengthName = this.getPlaceholder();
           prepend(
             parents[parents.length - 1] || object,
-            FunctionLengthTemplate.single({ name: this.functionLengthName })
+            FunctionLengthTemplate.single({
+              name: this.functionLengthName,
+              ObjectDefineProperty: this.createInitVariable(
+                ObjectDefineProperty,
+                parents
+              ),
+            })
           );
         }
 

package/src/transforms/string/encoding.ts

@@ -1,16 +1,48 @@
 import Template from "../../templates/template";
-
-const Encoding: {
-  [encoding_name: string]: {
-    encode: (s) => string;
-    decode: (s) => string;
-    template: ReturnType<typeof Template>;
-  };
-} = {
-  base91: {
+import { Literal } from "../../util/gen";
+import { choice, shuffle } from "../../util/random";
+
+/**
+ * Defines an encoding implementation the Obfuscator
+ */
+export interface EncodingImplementation {
+  identity: string;
+
+  encode(s: string): string;
+  decode(s: string): string;
+  template: Template;
+}
+
+let _hasAllEncodings = false;
+export function hasAllEncodings() {
+  return _hasAllEncodings;
+}
+
+export function createEncodingImplementation(): EncodingImplementation {
+  if (_hasAllEncodings) {
+    return EncodingImplementations[
+      choice(Object.keys(EncodingImplementations))
+    ];
+  }
+
+  // create base91 encoding
+  let strTable =
+    'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,./:;<=>?@[]^_`{|}~"';
+
+  // shuffle table
+  strTable = shuffle(strTable.split("")).join("");
+
+  let identity = "base91_" + strTable;
+
+  if (EncodingImplementations.hasOwnProperty(identity)) {
+    _hasAllEncodings = true;
+    return EncodingImplementations[identity];
+  }
+
+  var encodingImplementation = {
+    identity,
     encode(str) {
-      const table =
-        'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,./:;<=>?@[]^_`{|}~"';
+      const table = strTable;
 
       const raw = Buffer.from(str, "utf-8");
       const len = raw.length;
@@ -45,8 +77,7 @@ const Encoding: {
       return ret;
     },
     decode(str) {
-      const table =
-        'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,./:;<=>?@[]^_`{|}~"';
+      const table = strTable;
 
       const raw = "" + (str || "");
       const len = raw.length;
@@ -80,46 +111,54 @@ const Encoding: {
 
       return Buffer.from(ret).toString("utf-8");
     },
-    template: Template(`  
-      function {name}(str){
-        const table =
-          'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!#$%&()*+,./:;<=>?@[]^_\`{|}~"';
-
-        const raw = "" + (str || "");
-        const len = raw.length;
-        const ret = [];
-
-        let b = 0;
-        let n = 0;
-        let v = -1;
-
-        for (let i = 0; i < len; i++) {
-          const p = table.indexOf(raw[i]);
-          if (p === -1) continue;
-          if (v < 0) {
-            v = p;
-          } else {
-            v += p * 91;
-            b |= v << n;
-            n += (v & 8191) > 88 ? 13 : 14;
-            do {
-              ret.push(b & 0xff);
-              b >>= 8;
-              n -= 8;
-            } while (n > 7);
-            v = -1;
+    template: new Template(`  
+        function {__fnName__}(str){
+          var table = {__strTable__};
+  
+          var raw = "" + (str || "");
+          var len = raw.length;
+          var ret = [];
+  
+          var b = 0;
+          var n = 0;
+          var v = -1;
+  
+          for (var i = 0; i < len; i++) {
+            var p = table.indexOf(raw[i]);
+            if (p === -1) continue;
+            if (v < 0) {
+              v = p;
+            } else {
+              v += p * 91;
+              b |= v << n;
+              n += (v & 8191) > 88 ? 13 : 14;
+              do {
+                ret.push(b & 0xff);
+                b >>= 8;
+                n -= 8;
+              } while (n > 7);
+              v = -1;
+            }
           }
+  
+          if (v > -1) {
+            ret.push((b | (v << n)) & 0xff);
+          }
+  
+          return {__bufferToString__}(ret);
         }
+      `).setDefaultVariables({
+      __strTable__: Literal(strTable),
+    }),
+  };
 
-        if (v > -1) {
-          ret.push((b | (v << n)) & 0xff);
-        }
-
-        return {bufferToString}(ret);
-      }
-    `),
-  },
+  EncodingImplementations[identity] = encodingImplementation;
+  return encodingImplementation;
+}
 
+export const EncodingImplementations: {
+  [encodingIdentity: string]: EncodingImplementation;
+} = {
   /* ascii85: { This implementation is flaky and causes decoding errors 
     encode(a) {
       var b, c, d, e, f, g, h, i, j, k;
@@ -209,5 +248,3 @@ const Encoding: {
     `),
   }, */
 };
-
-export default Encoding;

package/src/transforms/string/stringCompression.ts

@@ -2,22 +2,36 @@ import { ok } from "assert";
 import { ObfuscateOrder } from "../../order";
 import { ComputeProbabilityMap } from "../../probability";
 import Template from "../../templates/template";
-import { isDirective } from "../../util/compare";
+import { isDirective, isModuleSource } from "../../util/compare";
 import {
+  AssignmentExpression,
+  BinaryExpression,
   CallExpression,
+  ExpressionStatement,
   FunctionDeclaration,
   FunctionExpression,
   Identifier,
+  IfStatement,
   Literal,
   MemberExpression,
+  ObjectExpression,
+  Property,
   ReturnStatement,
   VariableDeclaration,
   VariableDeclarator,
 } from "../../util/gen";
 import { append, prepend } from "../../util/insert";
 import Transform from "../transform";
-import { isModuleSource } from "./stringConcealing";
-import { chance } from "../../util/random";
+import { predictableFunctionTag } from "../../constants";
+import {
+  chance,
+  choice,
+  getRandomFalseExpression,
+  getRandomInteger,
+  getRandomString,
+  splitIntoChunks,
+} from "../../util/random";
+
 function LZ_encode(c) {
   ok(c);
   var x = "charCodeAt",
@@ -58,7 +72,7 @@ function LZ_decode(b) {
   return g.join("");
 }
 
-const DecodeTemplate = Template(
+const DecodeTemplate = new Template(
   `function {name}(b){
     var o,
     f,
@@ -94,7 +108,7 @@ export default class StringCompression extends Transform {
     this.map = new Map();
     this.ignore = new Set();
     this.string = "";
-    this.fnName = this.getPlaceholder();
+    this.fnName = this.getPlaceholder() + predictableFunctionTag;
   }
 
   apply(tree) {
@@ -107,7 +121,7 @@ export default class StringCompression extends Transform {
 
     var split = this.getPlaceholder();
     var decoder = this.getPlaceholder();
-    var getStringName = this.getPlaceholder();
+    var getStringName = this.getPlaceholder() + predictableFunctionTag; // Returns the string payload
 
     var encoded = LZ_encode(this.string);
     if (LZ_decode(encoded) !== this.string) {
@@ -141,15 +155,72 @@ export default class StringCompression extends Transform {
       )
     );
 
-    append(
-      tree,
-      FunctionDeclaration(
-        getStringName,
-        [],
-        [ReturnStatement(Literal(encoded))]
-      )
+    var keys = new Set<string>();
+    var keysToMake = getRandomInteger(4, 14);
+    for (var i = 0; i < keysToMake; i++) {
+      keys.add(getRandomString(getRandomInteger(4, 14)));
+    }
+
+    var objectExpression = ObjectExpression(
+      Array.from(keys).map((key) => {
+        return Property(Literal(key), getRandomFalseExpression(), true);
+      })
+    );
+
+    // Get string function
+    var getStringBody = [];
+    var splits = splitIntoChunks(
+      encoded,
+      Math.floor(encoded.length / getRandomInteger(3, 6))
+    );
+
+    getStringBody.push(
+      VariableDeclaration(VariableDeclarator("str", Literal(splits.shift())))
+    );
+
+    getStringBody.push(
+      VariableDeclaration(VariableDeclarator("objectToTest", objectExpression))
     );
 
+    const addIfStatement = (testingFor, literalValueToBeAppended) => {
+      getStringBody.push(
+        IfStatement(
+          BinaryExpression(
+            "in",
+            Literal(testingFor),
+            Identifier("objectToTest")
+          ),
+          [
+            ExpressionStatement(
+              AssignmentExpression(
+                "+=",
+                Identifier("str"),
+                Literal(literalValueToBeAppended)
+              )
+            ),
+          ]
+        )
+      );
+    };
+
+    for (const split of splits) {
+      if (chance(50)) {
+        var fakeKey;
+        do {
+          fakeKey = getRandomString(getRandomInteger(4, 14));
+        } while (keys.has(fakeKey) || fakeKey in {});
+
+        addIfStatement(fakeKey, getRandomString(split.length));
+      }
+
+      addIfStatement(choice(Array.from(keys)), split);
+    }
+
+    // Return computed string
+    getStringBody.push(ReturnStatement(Identifier("str")));
+
+    append(tree, FunctionDeclaration(getStringName, [], getStringBody));
+
     append(
       tree,
       FunctionDeclaration(
@@ -176,7 +247,8 @@ export default class StringCompression extends Transform {
       object.value &&
       object.value.length > 3 &&
       !isDirective(object, parents) &&
-      !isModuleSource(object, parents)
+      !isModuleSource(object, parents) &&
+      !parents.find((x) => x.$multiTransformSkip)
     );
   }
 
@@ -210,9 +282,6 @@ export default class StringCompression extends Transform {
       return;
     }
 
-    // HARD CODED LIMIT of 10,000 (after 1,000 elements)
-    if (this.map.size > 1000 && !chance(this.map.size / 100)) return;
-
     var index = this.map.get(object.value);
 
     // New string, add it!