本文主要是作者的学习笔记,温故而知新,记录混淆和解混淆的代码,后期可能会更新文章细节。
以下面的代码为例:
// Sample input for the transformation: a run of assignment statements
// followed by a final `return b`.
// Returns the first three characters of the decimal string of
// (a + 1 + 2) * 1234, with "00" appended. The incoming value of `b` is
// overwritten before it is read.
function test(a, b){
// `c` is declared but not read anywhere in this function.
const c = "123";
a = a + 1 // a
a = a + 2
a = a * 1234
a = a.toString()
a = a.substring(0, 3)
b = a + "00"
return b;
}
// test(2) evaluates to "61700"; the result is discarded.
test(2)
// Prints "49300": (1 + 1 + 2) * 1234 = 4936, first three characters "493", plus "00".
console.log(test(1))
首先导入库
const fs = require('fs');
const parser = require("@babel/parser");
const traverse = require("@babel/traverse").default;
const types = require("@babel/types");
const generator = require("@babel/generator").default;
// Load the script to transform as text. It is only read and parsed here,
// never evaluated.
const jscode = fs.readFileSync("./test2.js", "utf-8");

// Build the Babel AST that the visitors operate on.
let ast = parser.parse(jscode);
本次就是将函数中的表达式语句并入return语句,改写为逗号表达式,以此混淆部分阅读逻辑
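// Obfuscation pass: fold the expression statements that sit directly in front
// of a function's final `return` into that return as one comma expression.
const obcommafun = {
  /**
   * Rewrite `s1; s2; return r;` at the end of a function body as
   * `return s1, s2, r;`.
   *
   * Only direct children of the function body are considered, and only the
   * unbroken run of expression statements immediately before the final
   * `return`. Statements nested in `if`/loops/inner functions, and anything
   * separated from the return by a declaration, stay where they are, so
   * evaluation order is unchanged. Functions that do not end in
   * `return <expr>;` are left untouched.
   *
   * The statement list is edited in place; comments attached to the folded
   * statements are not carried over.
   *
   * @param {object} path - Babel path of the FunctionDeclaration being visited.
   * @returns {void}
   */
  FunctionDeclaration(path) {
    const statements = path.node.body.body;
    const tail = statements[statements.length - 1];

    // Nothing to fold into unless the body ends in `return <expr>;`.
    if (!types.isReturnStatement(tail) || tail.argument == null) {
      return;
    }

    // Walk backwards over the contiguous expression statements before the return.
    let start = statements.length - 1;
    while (start > 0 && types.isExpressionStatement(statements[start - 1])) {
      start -= 1;
    }
    if (start === statements.length - 1) {
      return;
    }

    // Operands keep their source order; the original return value goes last,
    // because a comma expression evaluates to its last operand.
    const operands = statements.slice(start, -1).map((stmt) => stmt.expression);
    operands.push(tail.argument);

    const merged = types.returnStatement(types.sequenceExpression(operands));
    statements.splice(start, statements.length - start, merged);
  },
};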
// Run the visitor over the parsed tree; its FunctionDeclaration handler is
// called for each function declaration and edits the AST in place.
traverse(ast, obcommafun)
混淆后代码如下:
// Result of the obfuscation pass. The six assignments are now operands of a
// single comma expression: they still run left to right, and the last
// operand, `b`, is the value that is returned.
function test(a, b) {
const c = "123";
// a
return a = a + 1, a = a + 2, a = a * 1234, a = a.toString(), a = a.substring(0, 3), b = a + "00", b;
}
// Same two calls as in the input listing; test(2) evaluates to "61700" and is discarded.
test(2);
// Prints "49300", the same value the un-obfuscated function produces for 1.
console.log(test(1));
还原混淆的代码如下:
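// Deobfuscation pass: split a comma-expression `return` back into statements.
const obcommafun = {
  /**
   * Rewrite `return e1, e2, r;` as `e1; e2; return r;`.
   *
   * Only a comma expression that is itself the returned value is split. One
   * that merely appears somewhere inside the returned expression (for
   * example as a call argument) is left alone, because hoisting it out would
   * change what the function returns.
   *
   * @param {object} path - Babel path of the ReturnStatement being visited.
   * @returns {void}
   */
  ReturnStatement(path) {
    const argument = path.node.argument;
    if (!types.isSequenceExpression(argument)) {
      return;
    }

    const operands = argument.expressions;
    // A comma expression evaluates to its last operand, so that one becomes
    // the new return value and the rest become plain statements before it.
    const restored = operands
      .slice(0, -1)
      .map((expression) => types.expressionStatement(expression));
    restored.push(types.returnStatement(operands[operands.length - 1]));

    // Hand Babel the statements as a list rather than one BlockStatement, so
    // the result is not wrapped in an extra `{ }` inside the function body.
    path.replaceWithMultiple(restored);
  },
};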
// Run the visitor over the parsed tree; its ReturnStatement handler is
// called for each return statement and edits the AST in place.
traverse(ast, obcommafun)