Category jsdeobfuscator

  • A few weeks ago I released JavaScript Deobfuscator 2.0 — finally something that works with current Firefox versions again. Why did it take me a year to fix this compatibility issue? Well, it really wasn’t that simple. After considering all the possibilities I decided that rewriting it from scratch was the only possibility, and that was hard to accomplish in my spare time.

    Before I continue with the technical details, allow me to introduce JavaScript Deobfuscator in its new reincarnation: it now adds a panel to Firefox Developer Tools. Instead of messing with filters your view is limited to the current tab automatically. Both compiled and executed scripts go into the same list, with some text indicating whether we’ve seen the script being compiled or executed or both. Starting with Firefox 39 even code running in Web Workers will be displayed. And JavaScript Deobfuscator will beautify the code instead of relying on the JavaScript engine to do so.

    Posted , Author

  • A few months ago I read a post in the WebSense Security Labs blog: The Ultimate Deobfuscator. Wow, pretty impressive hacking effort and nice tricks to hook JavaScript eval() function and document.write() in Internet Explorer. But couldn’t you use JS Debugger hooks in Firefox to do the same thing with only a few lines of code? And then maybe even more generic because eval() and document.write() are certainly not the only ways to generate JavaScript code on the fly (out of the top of my head: changing window.location to a JavaScript URL, event handler attributes or setTimeout() with a string parameter).

    Posted , Author

← Older Newer →