Introduction to the Principles of JavaScript Encryption and JavaScript Obfuscation

WangLiwen - Oct 8 '23 - - Dev Community

Introduction to the Principles of JavaScript Encryption and JavaScript Obfuscation

JavaScript encryption, JavaScript obfuscation, and JavaScript obfuscation encryption all refer to the process of encrypting JavaScript code to make it unreadable and thereby protect its integrity.

The principles can be roughly divided into two categories, as outlined below.

The first involves direct character replacement, such as Eval encryption or JJEncode encryption. This approach involves directly processing JavaScript code and is reversible. When executed, encrypted code undergoes decryption algorithms to restore the original code for execution. This is a simple form of encryption obfuscation that is reversible and easy to decrypt, resulting in low security.

The second category differs greatly from the first in that it does not directly analyze and encrypt JavaScript code, but instead performs low-level processing. It first performs lexical analysis and syntax analysis of JavaScript code to convert it into an AST (Abstract Syntax Tree). After obtaining the AST, obfuscation and encryption operations are performed within the AST, and after completing the encrypted AST, the original code is regenerated based on the AST to create a new ciphertext JavaScript code. Professional JavaScript code encryption obfuscation tools, such as JShaman and JScrambler, fall into this category. Obfuscated JavaScript code cannot be understood by humans but can be recognized and executed by machines without undergoing decryption. Therefore, there is no issue with reversing the code through decryption, resulting in high security. This method is widely recognized and used in the industry.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Terabox Video Player