0

Is there a way to prevent de-obfuscating JavaScript code which has already been obfuscated.

Obfuscated JS:

var _0xb5ae=["\x73\x68\x6F\x77","\x2E\x6C\x6F\x61\x64\x65\x72","\x6D\x6F\x75\x73\x65\x6D\x6F\x76\x65","\x2E\x62\x6C\x6F\x63\x6B"];$(_0xb5ae[3])[_0xb5ae[2]](function(){clearTimeout(e);e= setTimeout(function(){$(_0xb5ae[1])_0xb5ae[0]},1000)})

Improve this question
3
  • 5
    yep, add a comment //Please be kind not to try to de-obfuscate this before your code, and you should be good. Commented Nov 30, 2016 at 6:30
  • 2
    @Kaiido That too was obscured! Commented Nov 30, 2016 at 6:31
  • 2
    "Obfuscator converts the JavaScript source code into obfuscated and completely unreadable form, preventing it from analysing and theft." I call that false advertising... Some people pay for it!!?? Commented Nov 30, 2016 at 6:39

2 Answers 2

Reset to default
3

No, there is no way to prevent deobfuscating, but you could probably minify it aggressively before obfuscating it, just to render it as complex as possible.

In any case, the client will be able to see the source, and with the right amount of motivation, there's nothing that can't be read and understood.

If you wish to protect your code, execute it only server-side.

Having said that, you can prevent (or at least limit) theft by using the appropriate license and/or copyright on your code. This of course will not prevent anyone from stealing it, but gives you a legal recourse in case they try to make money off your hard work.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

well, Thanks for your answer!
@HiteshMisro No problems. Some companies go very far into trying to make their JS unreadable, but it is a worthless endeavour. If the thing you are trying to protect is so valuable, someone will take the time to understand the code. Edited post to offer legal alternatives
1

Too easy brah!

var _0xb5ae =["\x73\x68\x6F\x77","\x2E\x6C\x6F\x61\x64\x65\x72","\x6D\x6F\x75\x73\x65\x6D\x6F\x76\x65","\x2E\x62\x6C\x6F\x63\x6B"];

var code = `$(_0xb5ae[3])[_0xb5ae[2]](function(){clearTimeout(e);e= setTimeout(function(){$(_0xb5ae[1])_0xb5ae[0]},1000)})`

function deObfuscate(code, keys) {
  for (let key in keys) {
    code = code.replace(new RegExp(key+'\\[(\\d+)\\]', 'gim'), (_, index) => {
      return `'${keys[key][index]}'`
    })
  }
  return code
}

console.log(
  deObfuscate(code, { _0xb5ae })
)

$('.block').mousemove(function(){
  clearTimeout(e)
  e = setTimeout(function(){
    $('.loader').show()
  }, 1000)
})
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.