gittech. site
for different kinds of informations and explorations.
Enigma β A VM-Based JavaScript Obfuscator
Πnigma
π The first publicly available better javascript virtual machine obfuscator
This tool allows you to run JavaScript code on a custom-built JavaScript interpreter, effectively making reverse engineering harder.
In a nutshell, i called this as javascript version of webassembly.
π How It Works
Enigma VM obfuscates your javascript code by compiling it into a custom bytecode format that runs on an embedded javascript virtual machine.
β Why Enigma?
Unlike traditional obfuscators like obfuscator.io or js-confuser, Enigma analyzes the AST (Abstract Syntax Tree) and converts everything into bytecode before running it on a VM. To reverse this, one would need to create a disassembler (e.g. shape security VM decompiler), which is no trivial task.
Moreover, deobfuscating the original code from the disassembled output is extremely challenging. Most disassemblers display the code in an assembly-like format. This means that if the code is pre-obfuscated and then compiled/executed on the Enigma VM, the difficulty of reverse engineering increases significantly.
π AST informations that completely removed on compilation phase
- Variable names
- Structural differences in loops
- Labels
- And much more...
That being said, overconfidence is not advisable. Please use it in moderation. There is no such thing as obfuscation that makes reverse engineering impossible. Do not include personal information or passwords in code that gets compiled.
π Example
Check out the examples folder for sample compiled code!
π Quick Start
Installation
$ npm install enigma-vm
Usage Example
import { Compiler, InterpreterBuilder } from "enigma-vm";
(async function () {
const compiler = new Compiler();
const input = `
function sayHello(name) {
console.log("Hello,", name + "!");
}
for (let i = 0; i < 3; i++) {
sayHello("Me and " + i);
}
`;
compiler.compile(input);
const bytecode = compiler.constructBytecode();
const code = await new InterpreterBuilder().build(bytecode);
console.log(code);
})();
π Interpreter
This enigma virtual machine is a recreation of KASADA's virtual machine.
π Found a Bug?
If you encounter any issues, please open an issue! Don't submit any PRs until issue approved.
π Credits
A huge thank you to:
- umasi for creating the article and repository about KASADA VM.
- MichaelXF for inspiration from js-confuser.
- j4k0xb for the issue templates from webcrack.
π License
This project is licensed under the MIT License.