jsarmor 1.0.6 → 2.0.0

package/cli/index.js

@@ -1,177 +1,194 @@
-#!/usr/bin/env node
-
-import fs from "fs";
-import path from "path";
-import chalk from "chalk";
-import gradient from "gradient-string";
-import cliProgress from "cli-progress";
-import generate from "@babel/generator";
-
-import { parseCode } from "../core/parser.js";
-import { renameVariables } from "../core/renamer.js";
-import { encodeStrings } from "../core/stringArray.js";
-import { flattenControlFlow } from "../core/controlflow.js";
-import { unicodeEscape } from "../core/unicode.js";
-import { generateJunk } from "../core/junkcode.js";
-
-import { injectDeadCode, generateDeadRuntime } from "../core/deadcode.js";
-
-import { injectAntiDebug } from "../core/antidebug.js";
-import { antiBeautify } from "../core/beautifyGuard.js";
-import { selfDefend } from "../core/selfdefend.js";
-
-const neon = gradient(["#00ffff","#ff00ff","#00ff9f"]);
-
-try{
-
-const args = process.argv.slice(2);
-
-const command = args[0];
-const file = args[1];
-
-let outputName = "obf.js";
-
-const outIndex = args.indexOf("-o");
-
-if(outIndex !== -1 && args[outIndex+1]){
-outputName = args[outIndex+1];
-}
-
-if(!command || command === "help"){
-
-console.log(neon(`
-JSArmor - JavaScript Obfuscator
-
-Usage:
-
-jsarmor gen input.js
-jsarmor gen input.js -o output.js
-
-`));
-
-process.exit(0);
-
-}
-
-if(command !== "gen"){
-
-console.log(chalk.red("Unknown command"));
-console.log("Use: jsarmor gen input.js");
-
-process.exit(1);
-
-}
-
-if(!file){
-
-console.log(chalk.red("Please provide input file"));
-console.log("Usage: jsarmor gen input.js");
-
-process.exit(1);
-
-}
-
-if(!fs.existsSync(file)){
-console.log(chalk.red(`File not found: ${file}`));
-process.exit(1);
-}
-
-let code = fs.readFileSync(file,"utf8");
-
-let shebang = "";
-
-if(code.startsWith("#!")){
-const end = code.indexOf("\n");
-shebang = code.slice(0,end);
-code = code.slice(end);
-}
-
-console.log(
-neon(`┌──────────────────────────────┐
-│     NodeJS Obfuscator v3     │
-└──────────────────────────────┘`)
-);
-
-const bar = new cliProgress.SingleBar({
-format:"progress [{bar}] {percentage}% | {value}/{total}",
-barCompleteChar:"█",
-barIncompleteChar:"░"
-});
-
-bar.start(6,0);
-
-const ast = parseCode(code);
-bar.increment();
-
-renameVariables(ast);
-bar.increment();
-
-const pool = encodeStrings(ast);
-bar.increment();
-
-/* dead code transform */
-injectDeadCode(ast);
-bar.increment();
-
-flattenControlFlow(ast);
-bar.increment();
-
-unicodeEscape(ast);
-bar.increment();
-
-bar.stop();
-
-const output = generate.default(ast,{
-jsescOption:{
-minimal:true
-}
-}).code;
-
-const runtimeJunk = generateDeadRuntime();
-
-const final =
-(shebang ? shebang + "\n" : "") +
-injectAntiDebug() +
-antiBeautify() +
-selfDefend() +
-`var _STRINGS=${JSON.stringify(pool)};\n` +
-runtimeJunk +
-generateJunk() +
-output;
-
-const distDir = path.join(process.cwd(),"dist");
-
-if(!fs.existsSync(distDir)){
-fs.mkdirSync(distDir,{recursive:true});
-}
-
-const outFile = path.join(distDir,"obf.js");
-
-fs.writeFileSync(outFile,final);
-
-console.log();
-console.log(chalk.green("✔ Parsing AST"));
-console.log(chalk.green("✔ Variables renamed"));
-console.log(chalk.green("✔ Strings encoded"));
-console.log(chalk.green("✔ Dead code injected"));
-console.log(chalk.green("✔ Control flow flattened"));
-console.log(chalk.green("✔ Unicode escape applied"));
-console.log();
-console.log(chalk.bold.green("✔ Obfuscation Complete"));
-console.log(chalk.cyan(`Output: ${outFile}`));
-
-const originalSize = code.length;
-const newSize = final.length;
-
-console.log(
-chalk.yellow(
-`Size: ${(originalSize/1024).toFixed(2)} KB → ${(newSize/1024).toFixed(2)} KB`
-)
-);
-
-}catch(err){
-
-console.log(chalk.red("Obfuscation failed"));
-console.error(err);
-
-}
+#!/usr/bin/env node
+
+import fs from "fs";
+import path from "path";
+import chalk from "chalk";
+import gradient from "gradient-string";
+import cliProgress from "cli-progress";
+import generate from "@babel/generator";
+
+import { parseCode } from "../core/parser.js";
+import { renameVariables } from "../core/renamer.js";
+import { encodeStrings } from "../core/stringArray.js";
+import { flattenControlFlow } from "../core/controlflow.js";
+import { unicodeEscape } from "../core/unicode.js";
+import { generateJunk } from "../core/junkcode.js";
+
+import { injectDeadCode, generateDeadRuntime } from "../core/deadcode.js";
+
+import { injectAntiDebug } from "../core/antidebug.js";
+import { antiBeautify } from "../core/beautifyGuard.js";
+import { selfDefend } from "../core/selfdefend.js";
+import { unicodeIdentifiers } from "../core/unicodeIdentifier.js";
+import { buildStringRuntime } from "../core/stringRuntime.js";
+import { antiVM } from "../core/antivm.js";
+
+import { watermark } from "../utils/watermark.js";
+
+const neon = gradient(["#00ffff","#ff00ff","#00ff9f"]);
+
+try{
+
+const args = process.argv.slice(2);
+
+const command = args[0];
+const file = args[1];
+
+let outputName = "obf.js";
+
+const outIndex = args.indexOf("-o");
+
+if(outIndex !== -1 && args[outIndex+1]){
+outputName = args[outIndex+1];
+}
+
+let user = "";
+
+const userIndex = args.indexOf("--user");
+
+if(userIndex !== -1 && args[userIndex+1]){
+user = args[userIndex+1];
+}
+
+if(!command || command === "help"){
+
+console.log(neon(`
+JSArmor - JavaScript Obfuscator
+
+Usage:
+
+jsarmor gen input.js
+jsarmor gen input.js -o output.js
+
+`));
+
+process.exit(0);
+
+}
+
+if(command !== "gen"){
+
+console.log(chalk.red("Unknown command"));
+console.log("Use: jsarmor gen input.js");
+
+process.exit(1);
+
+}
+
+if(!file){
+
+console.log(chalk.red("Please provide input file"));
+console.log("Usage: jsarmor gen input.js");
+
+process.exit(1);
+
+}
+
+if(!fs.existsSync(file)){
+console.log(chalk.red(`File not found: ${file}`));
+process.exit(1);
+}
+
+let code = fs.readFileSync(file,"utf8");
+
+let shebang = "";
+
+if(code.startsWith("#!")){
+const end = code.indexOf("\n");
+shebang = code.slice(0,end);
+code = code.slice(end);
+}
+
+console.log(
+neon(`┌──────────────────────────────┐
+│       JSArmor Version1.7     │
+└──────────────────────────────┘`)
+);
+const bar = new cliProgress.SingleBar({
+format:"progress [{bar}] {percentage}% | {value}/{total}",
+barCompleteChar:"█",
+barIncompleteChar:"░"
+});
+
+bar.start(7,0);
+
+const ast = parseCode(code);
+bar.increment();
+
+renameVariables(ast);
+bar.increment();
+
+unicodeIdentifiers(ast);
+bar.increment();
+
+const pool = encodeStrings(ast);
+bar.increment();
+
+/* dead code transform */
+injectDeadCode(ast);
+bar.increment();
+
+flattenControlFlow(ast);
+bar.increment();
+
+unicodeEscape(ast);
+bar.increment();
+
+bar.stop();
+
+const output = generate.default(ast,{
+jsescOption:{
+minimal:true
+}
+}).code;
+
+const runtimeJunk = generateDeadRuntime();
+
+const final =
+(shebang ? shebang + "\n" : "") +
+watermark(user) +
+injectAntiDebug() +
+antiBeautify() +
+antiVM() +
+selfDefend() +
+buildStringRuntime(pool) +
+runtimeJunk +
+generateJunk() +
+output;
+
+const distDir = path.join(process.cwd(),"dist");
+
+if(!fs.existsSync(distDir)){
+fs.mkdirSync(distDir,{recursive:true});
+}
+
+const outFile = path.join(distDir, outputName);
+
+fs.writeFileSync(outFile,final);
+
+console.log();
+console.log(chalk.green("✔ Parsing AST"));
+console.log(chalk.green("✔ Variables renamed"));
+console.log(chalk.green("✔ Strings encoded"));
+console.log(chalk.green("✔ Dead code injected"));
+console.log(chalk.green("✔ Control flow flattened"));
+console.log(chalk.green("✔ Unicode escape applied"));
+console.log();
+console.log(chalk.bold.green("✔ Obfuscation Complete"));
+console.log(chalk.cyan(`Output: ${outFile}`));
+
+const originalSize = code.length;
+const newSize = final.length;
+
+console.log(
+chalk.yellow(
+`Size: ${(originalSize/1024).toFixed(2)} KB → ${(newSize/1024).toFixed(2)} KB`
+)
+);
+
+}catch(err){
+
+console.log(chalk.red("Obfuscation failed"));
+console.error(err);
+
+}

package/core/antidebug.js

@@ -1,15 +1,13 @@
-export function injectAntiDebug(){
-
-return `
-
-(function(){
-setInterval(function(){
-try{
-(function(){debugger})()
-}catch(e){}
-},2000)
-})();
-
-`;
-
-}
+export function injectAntiDebug(){
+return `
+
+;(function(){
+setInterval(function(){
+try{
+debugger;
+}catch(e){}
+},3000) 
+})();
+
+`;
+}

package/core/antivm.js

@@ -0,0 +1,19 @@
+export function antiVM(){
+return `
+
+;(function(){
+
+var s=(typeof navigator!="undefined"?navigator.userAgent:"node").toLowerCase()
+
+if(
+s.includes("vmware")||
+s.includes("virtualbox")||
+s.includes("qemu")
+){
+console.warn("VM detected"); 
+}
+
+})()
+
+`
+}

package/core/beautifyGuard.js

@@ -1,21 +1,17 @@
 export function antiBeautify(){
-
 return `
 
-(function(){
+;(function(){
 
 const start=Date.now()
-
 debugger
-
 const end=Date.now()
 
-if(end-start>100){
-while(true){}
+if(end-start>1000){
+console.warn("Debug detected")
 }
 
 })();
 
 `;
-
 }

package/core/controlflow.js

@@ -93,24 +93,13 @@ Function(path){
   });
 
   const whileLoop = t.whileStatement(
-    t.booleanLiteral(true),
-    t.blockStatement([
-
-      t.switchStatement(
-        t.identifier("_s"),
-        cases
-      ),
-
-      t.ifStatement(
-        t.binaryExpression(
-          ">=",
-          t.identifier("_s"),
-          t.numericLiteral(body.length)
-        ),
-        t.breakStatement()
-      )
-
-    ])
+  t.binaryExpression("<", t.identifier("_s"), t.numericLiteral(body.length)),
+  t.blockStatement([
+    t.switchStatement(
+      t.identifier("_s"),
+      cases
+    )
+  ])
   );
 
   const newBody = [];
@@ -147,4 +136,4 @@ Function(path){
 }
 });
 
-}
+}

package/core/deadcode.js

@@ -1,7 +1,9 @@
-import traverse from "@babel/traverse";
+import traverseModule from "@babel/traverse";
 import * as t from "@babel/types";
 import { randomInt } from "../utils/random.js";
 
+const traverse = traverseModule.default;
+
 const patterns = [
 
 "var _a=Math.random();if(_a>2){console.log(_a)}",
@@ -17,7 +19,9 @@ const patterns = [
 
 ];
 
-for(let i=0;i<90;i++){
+/* generate nhiều pattern */
+
+for(let i=0;i<20;i++){
 
 patterns.push(`
 var _junk${i}=Math.random()*${randomInt(1,999)};
@@ -34,9 +38,11 @@ return patterns[Math.floor(Math.random()*patterns.length)];
 
 }
 
+/* AST deadcode */
+
 export function injectDeadCode(ast){
 
-traverse.default(ast,{
+traverse(ast,{
 
 BlockStatement(path){
 
@@ -76,14 +82,14 @@ path.node.body.unshift(fake);
 
 }
 
+/* runtime deadcode */
+
 export function generateDeadRuntime(){
 
 let out="";
 
-for(let i=0;i<30;i++){
-
+for(let i=0;i<10;i++){
 out+=randomPattern()+"\n";
-
 }
 
 return out;

package/core/junkcode.js

@@ -1,18 +1,19 @@
-export function generateJunk() {
+export function generateJunk(){
 
-  const junk = [];
+return `
 
-  for (let i = 0; i < 20; i++) {
+var _假=Math.random()
 
-    junk.push(`
-var _junk${i} = Math.random() * ${i};
-if(_junk${i} > 9999){
- console.log(_junk${i});
+function _伪(){
+try{
+return Function("return 1+1")()
+}catch(e){}
 }
-`);
 
-  }
+if(_假>2){
+console.log(_伪())
+}
 
-  return junk.join("\n");
+`
 
 }

package/core/parser.js

@@ -18,4 +18,4 @@ plugins:[
 ]
 });
 
-}
+}

package/core/rc4.js

@@ -1,42 +1,33 @@
 export function rc4(key, str){
 
-let s=[]
-let j=0
-let x
-let res=""
+if(!key) throw new Error("RC4 key empty")
 
-for(let i=0;i<256;i++){
-s[i]=i
-}
-
-for(let i=0;i<256;i++){
-
-j=(j+s[i]+key.charCodeAt(i%key.length))%256
+let s=[],j=0,x,res=""
 
-x=s[i]
-s[i]=s[j]
-s[j]=x
+for(let i=0;i<256;i++) s[i]=i
 
+for(let i=0;i<256;i++){
+  j=(j+s[i]+key.charCodeAt(i%key.length))&255
+  x=s[i]
+  s[i]=s[j]
+  s[j]=x
 }
 
 let i=0
 j=0
 
 for(let y=0;y<str.length;y++){
+  i=(i+1)&255
+  j=(j+s[i])&255
 
-i=(i+1)%256
-j=(j+s[i])%256
-
-x=s[i]
-s[i]=s[j]
-s[j]=x
+  x=s[i]
+  s[i]=s[j]
+  s[j]=x
 
-let k=s[(s[i]+s[j])%256]
-
-res+=String.fromCharCode(str.charCodeAt(y)^k)
+  let k=s[(s[i]+s[j])&255]
 
+  res += String.fromCharCode(str.charCodeAt(y) ^ k)
 }
 
 return res
-
 }