Differences

This shows you the differences between two versions of the page.

--- symbolicjs [2025/05/12 03:06] – Yuki
+++ symbolicjs [2025/05/12 18:56] (current) – Yuki
@@ Line 1: / Line 1: @@
-====== Notes on JavaScipt obfuscation ======
+====== SymbolicJS: notes on JavaScript obfuscation ======
 Inspired by JSFuck, but here's the rules:
@@ Line 33: / Line 33: @@
 ===== Build a basic alphabet =====
+We can use variables, but only those whose name contains `$` and `_` so we'll use some sort of morse code-based encoding, with `$`=>`.` and `_`=>`-`, and a prefix to differentiate lowercase and uppercase:
 ^ ^code^
@@ Line 55: / Line 57: @@
 |O|''%%____=`${{}}`[-~-~-~-~-~-~-~!``]%%''|
 |space|''%%____$=`${{}}`[-~-~-~-~-~-~!``]%%''|
+Actually, we can just use the ''[a,b]="ab"'' notation to make it way shorter. Note that using ''+[]'' or ''+``'' is now shorter due to the lack of need of parentheses.
 <code javascript>
-[,$___,$_$$$,$$___,$$,$_$_,$_,____$,____]={}+[],
+[,$___,$_$$$,$$___,$$,$_$_,$_,____$,____]={}+[], // o,b,j,e,c,t,space,O
-[$$$_$,$$_,$$_$$,$$$$]=![]+[],
+[$$$_$,$$_,$$_$$,$$$$]=![]+[], // f,a,l,s
-[,$$_$,$$$_]=!``+[],
+[,$$_$]=!``+[], // r
-[__$]=-`!`+[],
+[__$]=-`!`+[], // N
-[,_$$,$_$,$$$_$,$$$,$_$,,,$_$__]=~[]/[]+[],
+[,_$$,$_$,,$$$,,,,$_$__]=~[]/[]+[], // I,n,i,y
-[$$$_,,$_$$]=[][[]]+[]
+[$$$_,,$_$$]=[][[]]+[] // u,d
 </code>
-===== Build a function =====
+Of course, a few of those are not needed, and can be removed if you don't need them, and those identifiers can always be shorter. We need at least enough to spell ''constructor'' and ''return btoa''. Here's the minimum:
+<code javascript>
+[,$___,$_$$$,,$$,$_$_$,$_,____$]={}+[], // o,b,e,c,t,space
+[,$$_,,$$$$]=![]+[], // a,s
+[,$$_$]=!``+[], // r
+[$$$_,$_$]=[][[]]+[], // u,n
+</code>
+===== Execute arbitrary code =====
+Now we have enough letters to execute arbitrary code:
+<code javascript>
+$=(_=>_)["constructor"] // returns Function
+</code>
 <code javascript>
 $=(_=>_)[$_$_$+$___+$_$+$$$$+$_+$$_$+$$$_+$_$_$+$_+$___+$$_$]
+</code>
+===== Build more letters =====
+We can then use `btoa` to get a lot of the letters we're missing:
+<code javascript>
+[K,i,g,h]=Function("return btoa")()`*(!` // returns 'Kigh'
+</code>
+<code javascript>
+[,$$$,$__$,$$$$$]=$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_$$$+$_+$___+$$_)()`*(!`
 </code>
@@ Line 74: / Line 105: @@
 <code javascript>
-[,,$__$,$$$$$]=$(`${$$_$+$$+$_+$$$_+$$_$+$_$+____$+$_$$$+$_+$___+$$_}\`((!\``)()
+_=Function("return this")()
+</code>
+<code javascript>
 _=$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_+$$$$$+$$$+$$$$)()
+</code>
+===== Access global variables and run some code =====
+<code javascript>
+_["console"]["log"]("hello")
+</code>
+<code javascript>
+_[$_$_$+$___+$_$+$$$$+$___+$$_$$+$$][$$_$$+$___+$__$]($$$$$+$$+$$_$$+$$_$$+$___)
+</code>
+===== Final result =====
+<code javascript>
+[,$___,$_$$$,,$$,$_$_$,$_,____$]={}+[], // o b e c t space
+[,$$_,$$_$$,$$$$]=![]+[], // a l s
+[,$$_$]=!``+[], // r
+[$$$_,$_$]=[][[]]+[], // u n
+$=(_=>_)[$_$_$+$___+$_$+$$$$+$_+$$_$+$$$_+$_$_$+$_+$___+$$_$], // $=Function
+[,$$$,$__$,$$$$$]=$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_$$$+$_+$___+$$_)()`*(!` // i g h
+$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_+$$$$$+$$$+$$$$)() // $("return this")()
+[$_$_$+$___+$_$+$$$$+$___+$$_$$+$$][$$_$$+$___+$__$]($$$$$+$$+$$_$$+$$_$$+$___) // console.log("hello")
+</code>
+<code javascript>
+[,$___,$_$$$,,$$,$_$_$,$_,____$]={}+[],[,$$_,$$_$$,$$$$]=![]+[],[,$$_$]=!``+[],[$$$_,$_$]=[][[]]+[],$=(_=>_)[$_$_$+$___+$_$+$$$$+$_+$$_$+$$$_+$_$_$+$_+$___+$$_$],[,$$$,$__$,$$$$$]=$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_$$$+$_+$___+$$_)()`*(!`,$($$_$+$$+$_+$$$_+$$_$+$_$+____$+$_+$$$$$+$$$+$$$$)()[$_$_$+$___+$_$+$$$$+$___+$$_$$+$$][$$_$$+$___+$__$]($$$$$+$$+$$_$$+$$_$$+$___)
 </code>

neige d'aoust

User Tools

Site Tools

Differences

Page Tools