Method: Rex::Exploitation::ObfuscateJS.obfuscate
- Defined in:
- lib/rex/exploitation/obfuscatejs.rb
.obfuscate(js, opts = {}) ⇒ Object
Obfuscates a javascript string.
Options are ‘Symbols’, described below, and ‘Strings’, a boolean which specifies whether strings within the javascript should be mucked with (defaults to false).
The ‘Symbols’ argument should have the following format:
{
'Variables' => [ 'var1', ... ],
'Methods' => [ 'method1', ... ],
'Namespaces' => [ 'n', ... ],
'Classes' => [ { 'Namespace' => 'n', 'Class' => 'y'}, ... ]
}
Make sure you order your methods, classes, and namespaces by most specific to least specific to prevent partial substitution. For instance, if you have two methods (joe and joeBob), you should place joeBob before joe because it is more specific and will be globally replaced before joe is replaced.
A simple example follows:
<code> js = ObfuscateJS.new <<ENDJS
function say_hi() {
var foo = "Hello, world";
document.writeln(foo);
}
ENDJS js.obfuscate(
'Symbols' => {
'Variables' => [ 'foo' ],
'Methods' => [ 'say_hi' ]
}
'Strings' => true
) </code>
which should generate something like the following:
function oJaDYRzFOyJVQCOHk() { var cLprVG = "\x48\x65\x6c\x6c\x6f\x2c\x20\x77\x6f\x72\x6c\x64"; document.writeln(cLprVG); }
String obfuscation tries to deal with escaped quotes within strings but won’t catch things like
"\\"
so be careful.
63 64 65 |
# File 'lib/rex/exploitation/obfuscatejs.rb', line 63 def self.obfuscate(js, opts = {}) ObfuscateJS.new(js).obfuscate(opts) end |