Use npm package to implement JS code obfuscation and encryption in NodeJS
In the front-end and back-end JS development process, JS code protection (JS code obfuscation and encryption) is a very important part.
JShaman is a cloud-based code protection SaaS platform that can obfuscate, encrypt, compress, and other operations on JS code to enhance the security of JS code. At the same time, JShaman also has a more convenient and easy-to-use npm package, which facilitates developers to quickly complete JS code obfuscation and encryption by calling the interface.
From the npm website, you can find the package named jshaman-javascript-obfuscator, as shown below:
Here are instructions for using it, such as installation methods in Nodejs environment, calling routines, etc.
Installation
npm install jshaman-javascript-obfuscator
Use
The NodeJS routine code is shown below.
//JShaman JavaScript Obfuscator Web API Interface
var jshaman_javascript_obfuscator = require("jshaman-javascript-obfuscator");
//JavaScript Code to be obfuscated
var javascript_code = `
function NewObject(prefix)
{
var count=0;
this.SayHello=function(msg)
{
count + + ;
alert(prefix + msg);
}
this.GetCount=function()
{
return count;
}
}
var obj=new NewObject("Message : ");
obj.SayHello("You are welcome.");
`;
//Options.
//Please refer to the official website of JShaman in English for relevant instructions.
//https://www.jshaman.com/en/
var options = {
"part_variable_identifier_obfuscate": 1,
"global_variable_identifier_obfuscate": 0,
"part_function_identifier_obfuscate":0,
"global_function_identifier_obfuscate": 0,
"member_expression_encode": 1,
"numberic_literal_encode": 1,
"binary_express_obfuscate": 1,
"boolean_encode": 1,
"json_encode":1,
"regexp_encode":1,
"string_unicode_encode": 1,
"assignment_junk_code":1,
"zombie_code": 1,
"eval_encode": 1,
"control_flow": 1,
"string_reverse": 1,
"comma_operator": 1,
"string_array": 0,
"string_array_encode": 0,
"vm_execute": 0,
"ast_execute": 0,
"no_beautifier": 0,
"tamper_proof": 0,
"comments": 0,
"compress": 1,
"reserved_word": ["jshaman","w2sfot"]
}
//Secret key,Obtained from the JShaman official website.
//If not yet obtained, it can be set to free
var secret_key = "free";
var obfuscated_result = jshaman_javascript_obfuscator(javascript_code, options, secret_key);
//Obfuscation result,
//if "state" is 0 it means successful and the "content" is the obfuscated JavaScript code.
//Otherwise, if there is an error, the "message" will contain an error prompt message.
console.log(obfuscated_result.state, obfuscated_result.message, obfuscated_result.content);
Code Description
Just call the JShaman interface, pass in the js code and configuration, it’s very simple.
In the above code, the javascript_code variable is the JS code to be protected, and the options variable is the parameter. For the meaning of each item in the parameter, you can refer to the instructions on the JShaman official website. The value is set to 1 to enable it, to 0 to disable it, and secret_key is the interface. The key, set to free, is free to use, and commercial keys can be obtained from the JShaman official website.
Encryption effect
The JS code in the above routine, the encrypted JS code generated after protection is as follows.
//Obfuscated javascript code
/*
var _0xce7d8a = ["117.", "92.103.98.103.102.126.103.41.72.90.93.41.125.112.121.108.51.", "117.", "117."];
function _0x57d18d(_4, _5) {
_5 = 9;
var_,
_2,
_3 = "";
_2 = _4.split(".");
for (_ = 0; _ < _2.length - 1; _ + + ) {
_3 + = String.fromCharCode(_2[_] ^ _5);
}
return _3;
}
var visitors = {
File(node, scope) {
ast_excute(node['\x70\x72\x6f\x67\x72\x61\x6d'], scope);
},
Program(program, scope) {
for (i = function () {
return eval(String.fromCharCode(57, 48, 53, 49, 49, 53, 32, 94, 32, 57, 48, 53, 49, 49, 53));
}(); eval(String.fromCharCode(105, 32, 60, 32, 112, 114, 111, 103, 114, 97, 109, 91, 39, 92, 120, 54, 50, 92, 120, 54, 102, 92, 120, 54, 52, 92, 120, 55, 57, 39, 93, 91, 39, 92, 120, 54, 99, 92, 120, 54, 53, 92, 120, 54, 101, 92, 120, 54, 55, 92, 120, 55, 52, 92, 120, 54, 56, 39, 93)); eval(String.fromCharCode(105, 43, 43))) {
ast_excute(program['\x62\x6f\x64\x79'][i], scope);
}
},
ExpressionStatement(node, scope) {
return ast_excute(node['\x65\x78\x70\x72\x65\x73\x73\x69\x6f\x6e'], scope);
},
CallExpression(node, scope) {
var func = ast_excute(node['\x63\x61\x6c\x6c\x65\x65'], scope);
var args = node['\x61\x72\x67\x75\x6d\x65\x6e\x74\x73']['\x6d\x61\x70'](function (arg) {
return ast_excute(arg, scope);
});
var value;
if (eval(String.fromCharCode(110, 111, 100, 101, 91, 39, 92, 120, 54, 51, 92, 120, 54, 49, 92, 120, 54, 99, 92, 120, 54, 99, 92, 120, 54, 53, 92, 120, 54, 53, 39, 93, 91, 39, 92, 120, 55, 52, 92, 120, 55, 57, 92, 120, 55, 48, 92, 120, 54, 53, 39, 93, 32, 61, 61, 61, 32, 39, 77, 101, 109, 98, 101, 114, 69, 120, 112, 114, 101, 115, 115, 105, 111, 110, 39))) {
value = ast_excute(node['\x63\x61\x6c\x6c\x65\x65']['\x6f\x62\x6a\x65\x63\x74'], scope);
}
return func['\x61\x70\x70\x6c\x79'](value, args);
},
MemberExpression(node, scope) {
var obj = ast_excute(node['\x6f\x62\x6a\x65\x63\x74'], scope);
var name = node['\x70\x72\x6f\x70\x65\x72\x74\x79']['\x6e\x61\x6d\x65'];
return obj[name];
},
Identifier(node, scope) {
return scope[node['\x6e\x61\x6d\x65']];
},
StringLiteral(node) {
return node['\x76\x61\x6c\x75\x65'];
},
NumericLiteral(node) {
return node['\x76\x61\x6c\x75\x65'];
}
};
function ast_excute(node, scope) {
var _0x51e = "2|1|0".split(_0x57d18d(_0xce7d8a[0])),
_0x6ebgc = 0;
while (!![]) {
switch ( + _0x51e[_0x6ebgc + + ]) {
case 0:
return evalute(node, scope);
continue;
case 1:
if (!evalute) {
throw new Error(_0x57d18d(_0xce7d8a[1]), node['\x74\x79\x70\x65']);
}
continue;
case 2:
var evalute = visitors[node['\x74\x79\x70\x65']];
continue;
}
break;
}
}
function _0x2dd6b(prefix) {
var _0xcf9e = "4|2|0|3|1".split(_0x57d18d(_0xce7d8a[2])),
_0xef765g = 0;
while (!![]) {
switch ( + _0xcf9e[_0xef765g + + ]) {
case 0:
_0x38e = function () {
return eval(String.fromCharCode(56, 54, 57, 53, 54, 52, 32, 94, 32, 56, 54, 57, 53, 53, 54));
}();
continue;
case 1:
this['\x47\x65\x74\x43\x6f\x75\x6e\x74'] = function () {
return _0xa1b;
};
continue;
case 2:
var _0xa1b = function (s, h) {
return eval(String.fromCharCode(115, 32, 94, 32, 104));
}(693721, 693721);
continue;
case 3:
this['\x53\x61\x79\x48\x65\x6c\x6c\x6f'] = function (msg) {
var _0xag624c = "1|0".split(_0x57d18d(_0xce7d8a[3])),
_0xc1411b = 0;
while (!![]) {
switch ( + _0xag624c[_0xc1411b + + ]) {
case 0:
alert(eval(String.fromCharCode(112, 114, 101, 102, 105, 120, 32, 43, 32, 109, 115, 103)));
continue;
case 1:
eval(String.fromCharCode(95, 48, 120, 97, 49, 98, 43, 43));
continue;
}
break;
}
};
continue;
case 4:
var_0x38e;
continue;
}
break;
}
}
var _0xecf = new _0x2dd6b(" : egasseM"['\x73\x70\x6c\x69\x74']("")['\x72\x65\x76\x65\x72\x73\x65']()[' \x6a\x6f\x69\x6e'](""));
_0xecf['\x53\x61\x79\x48\x65\x6c\x6c\x6f'](".emoclew era uoY"['\x73\x70\x6c\x69\x74']("")['\x72 \x65\x76\x65\x72\x73\x65']()['\x6a\x6f\x69\x6e'](""));
*/
As a well-known JS code obfuscation encryption platform, JShaman’s encryption effect is still very good.
Extended usage
By slightly modifying the above routine code and embedding it into your own project or product, you can perform automated JS code obfuscation and encryption.
It’s that simple to obfuscate and encrypt JS code, improve JS code security, and prevent others from viewing and copying at will.
The knowledge points of the article match the official knowledge files, and you can further learn relevant knowledge. Vue entry skill treeNode.js and npmNode installation and configuration 39466 people are learning the system