不是专业前端,代码潦草勿喷,思路大概就是下面这些,想要解混淆后的文件可以私我,去混淆脚本就不提供了,新版本字符串解密只能解一部分有很多没解出来但流程还是通的,替换之后也是能正常过的同理et开头的文件也是这个流程解混淆遍历 AST 并查找逗号表达式, 逗号转分号
最后压缩到了这么多case
void (...)
searchVoid = function (path) {
if (path.node.operator === 'void') {
// 获取 void 表达式中的内部表达式
const innerExpression = path.node.argument;
if (t.isNumericLiteral(innerExpression)) {
if (innerExpression.value === 0) {
return
path.replaceWith(innerExpression);
}B > 14 && (T_ = "", a = 14) : 18 == B
andToExpression = function (path) {
const node = path.node if (t.isBinaryExpression(node.left)) {
const ExpressionStatement = {
type: "ConditionalExpression",
test: node.left,
consequent: node.right,
alternate: {
type: "UnaryExpression",
operator: "void",
prefix: true,
argument: {
type: "NumericLiteral",
value: 0
path.replaceWith(ExpressionStatement)
}l = Nv ? 265472 : 8660480
l = Nv ? l = 265472 : l = 8660480
if (t.isConditionalExpression(node.right)) {
const ifStatement = t.ifStatement(
node.right.test,
t.blockStatement([t.expressionStatement(t.assignmentExpression(
node.operator,
node.left,
node.right.consequent
))]),
t.blockStatement([t.expressionStatement(t.assignmentExpression(
node.operator,
node.left,
node.right.alternate
))]),
// path.parent = ifStatement
// 替换原有的赋值表达式为 if...else 语句
path.replaceWithMultiple(ifStatement);
}const ternaryToIfElse = function (path) {
if (t.isConditionalExpression(node.expression)) {
path.replaceWith(t.ifStatement(
node.expression.test,
t.blockStatement([t.expressionStatement(node.expression.consequent)]),
t.blockStatement([t.expressionStatement(node.expression.alternate)])
};if (t.isExpressionStatement(path.parentPath)) {
if (t.isBlockStatement(path.parentPath.parentPath.node)) {
path.parentPath.parentPath.remove()
回复或点赞可查看完整内容
---
来源: 看雪论坛
原文链接: https://bbs.kanxue.com/thread-288448.htm
[原创]231解混淆
71 浏览
13 回复
感谢分享
感谢分享
感谢分享
感谢分享
感谢分享
感谢分享
tql
感谢分析
感谢分享
感谢分享
学习学习
感谢分享
Thanks