hugh
/
javascript-obfuscator


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284
							import { assert } from 'chai';

import { TInputOptions } from '../../src/types/options/TInputOptions';

import { StringArrayEncoding } from '../../src/enums/StringArrayEncoding';
import { IdentifierNamesGenerator } from '../../src/enums/generators/identifier-names-generators/IdentifierNamesGenerator';

import { evaluateInWorker } from '../helpers/evaluateInWorker';
import { readFileAsString } from '../helpers/readFileAsString';

import { JavaScriptObfuscator } from '../../src/JavaScriptObfuscatorFacade';

const getEnvironmentCode = () => `
    global.document = {
        domain: 'obfuscator.io'
    };
`;

describe('JavaScriptObfuscator runtime eval', function () {
    const baseOptions: TInputOptions = {
        controlFlowFlattening: true,
        controlFlowFlatteningThreshold: 1,
        deadCodeInjection: true,
        deadCodeInjectionThreshold: 1,
        debugProtection: true,
        disableConsoleOutput: true,
        domainLock: ['obfuscator.io'],
        simplify: true,
        renameProperties: true,
        reservedNames: ['generate', 'sha256'],
        rotateStringArray: true,
        selfDefending: true,
        splitStrings: true,
        splitStringsChunkLength: 5,
        stringArray: true,
        stringArrayEncoding: StringArrayEncoding.Rc4,
        stringArrayThreshold: 1,
        transformObjectKeys: true,
        unicodeEscapeSequence: true
    };

    this.timeout(200000);

    [
        {
            identifierNamesGenerator: IdentifierNamesGenerator.HexadecimalIdentifierNamesGenerator,
            renameGlobals: false
        },
        {
            identifierNamesGenerator: IdentifierNamesGenerator.HexadecimalIdentifierNamesGenerator,
            renameGlobals: true
        },
        {
            identifierNamesGenerator: IdentifierNamesGenerator.MangledIdentifierNamesGenerator,
            renameGlobals: false
        },
        {
            identifierNamesGenerator: IdentifierNamesGenerator.MangledIdentifierNamesGenerator,
            renameGlobals: true
        },
        {
            identifierNamesGenerator: IdentifierNamesGenerator.MangledShuffledIdentifierNamesGenerator,
            renameGlobals: false
        },
        {
            identifierNamesGenerator: IdentifierNamesGenerator.MangledShuffledIdentifierNamesGenerator,
            renameGlobals: true
        }
    ].forEach((options: Partial<TInputOptions>) => {
        const detailedDescription: string = `Identifier names generator: ${options.identifierNamesGenerator}, rename globals: ${options.renameGlobals?.toString()}`;

        describe(`Astring. ${detailedDescription}`, () => {
            it('should obfuscate code without any runtime errors after obfuscation: Variant #1 astring', () => {
                const code: string = readFileAsString(__dirname + '/fixtures/astring.js');

                const obfuscatedCode: string = JavaScriptObfuscator.obfuscate(
                    code,
                    {
                        ...baseOptions,
                        ...options,
                        renameProperties: false
                    }
                ).getObfuscatedCode();

                let evaluationResult: string;

                try {
                    evaluationResult = eval(`
                        ${getEnvironmentCode()}
                        ${obfuscatedCode}
                        const code = generate({
                            "type": "Program",
                            "body": [
                                {
                                    "type": "FunctionDeclaration",
                                    "id": {
                                        "type": "Identifier",
                                        "name": "test",
                                        "range": [
                                            9,
                                            13
                                        ]
                                    },
                                    "params": [],
                                    "body": {
                                        "type": "BlockStatement",
                                        "body": [
                                            {
                                                "type": "ReturnStatement",
                                                "argument": {
                                                    "type": "Literal",
                                                    "value": "foo",
                                                    "raw": "'foo'",
                                                    "range": [
                                                        30,
                                                        35
                                                    ]
                                                },
                                                "range": [
                                                    23,
                                                    36
                                                ]
                                            }
                                        ],
                                        "range": [
                                            17,
                                            38
                                        ]
                                    },
                                    "generator": false,
                                    "expression": false,
                                    "async": false,
                                    "range": [
                                        0,
                                        38
                                    ]
                                }
                            ],
                            "sourceType": "module",
                            "range": [
                                0,
                                38
                            ],
                            "comments": []
                        });
                        
                        eval(\`\${code} test();\`);
                    `)
                } catch (e) {
                    throw new Error(`Evaluation error: ${e.message}. Code: ${obfuscatedCode}`);
                }

                assert.equal(evaluationResult, 'foo');
            });
        });

        describe(`Sha256. ${detailedDescription}`, () => {
            it('should obfuscate code without any runtime errors after obfuscation: Variant #2 sha256', () => {
                const code: string = readFileAsString(__dirname + '/fixtures/sha256.js');

                const obfuscatedCode: string = JavaScriptObfuscator.obfuscate(
                    code,
                    {
                        ...baseOptions,
                        ...options
                    }
                ).getObfuscatedCode();

                assert.equal(
                    eval(`
                        ${getEnvironmentCode()}
                        ${obfuscatedCode}
                        sha256('test');
                    `),
                    '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08'
                );
            });
        });

        describe(`Obfuscator. ${detailedDescription}`, () => {
            const evaluationTimeout: number = 50000;

            let evaluationResult: string;

            beforeEach(() => {
                const code: string = readFileAsString(process.cwd() + '/dist/index.js');

                const obfuscatedCode: string = JavaScriptObfuscator.obfuscate(
                    code,
                    {
                        ...baseOptions,
                        ...options,
                        renameProperties: false
                    }
                ).getObfuscatedCode();

                return evaluateInWorker(
                    `
                        ${getEnvironmentCode()}
                        ${obfuscatedCode}
                        module.exports.obfuscate('var foo = 1;').getObfuscatedCode();
                    `,
                    evaluationTimeout
                )
                    .then((result: string | null) => {
                        if (!result) {
                            return;
                        }

                        evaluationResult = result;
                    })
                    .catch((error: Error) => {
                        evaluationResult = `${error.message}. ${error.stack}`;
                    });
            });

            it('should obfuscate code without any runtime errors after obfuscation: Variant #3 obfuscator', () => {
                assert.equal(
                    evaluationResult,
                    'var foo=0x1;'
                );
            });
        });

        [
            {
                debugProtection: false,
                selfDefending: false,
                stringArray: true
            },
            {
                debugProtection: false,
                selfDefending: true,
                stringArray: false
            },
            {
                debugProtection: true,
                selfDefending: false,
                stringArray: false
            },
            {
                debugProtection: true,
                selfDefending: true,
                stringArray: false
            },
            {
                debugProtection: true,
                selfDefending: true,
                stringArray: true
            }
        ].forEach((webpackBootstrapOptions: Partial<TInputOptions>) => {
            describe(`Webpack bootstrap code. ${detailedDescription}. ${JSON.stringify(webpackBootstrapOptions)}`, () => {
                let evaluationResult: string;

                beforeEach(() => {
                    const code: string = readFileAsString(__dirname + '/fixtures/webpack-bootstrap.js');

                    const obfuscatedCode: string = JavaScriptObfuscator.obfuscate(
                        code,
                        {
                            ...baseOptions,
                            ...options,
                            ...webpackBootstrapOptions,
                            reservedNames: ['^foo$']
                        }
                    ).getObfuscatedCode();

                    try {
                        evaluationResult = eval(`
                            ${getEnvironmentCode()}
                            ${obfuscatedCode}
                        `);
                    } catch (e) {
                        throw new Error(`Evaluation error: ${e.message}. Code: ${obfuscatedCode}`);
                    }
                });

                it('should obfuscate code without any runtime errors after obfuscation: Variant #4 webpack bootstrap', () => {
                    assert.equal(evaluationResult, 'foo');
                });
            });
        });
    });
});