Javascript obfuscators used in the wild

Published: 2010-03-05. Last Updated: 2010-03-05 16:43:23 UTC
by Kyle Haugsness (Version: 1)
2 comment(s)

I have been doing some research on Javascript obfuscators.  Various handlers have done stories in the past on how to reverse engineer obfuscated javascript that does evil things.  But I would be interested in hearing what kind of obfuscators people have been finding being used in the wild.  Are you able to identify the obfuscator just by looking at it?  What are the hardest off-the-shelf obfuscators to reverse-engineer?  I will collect responses and post them throughout the day (unless you wish the information to remain private).

-Kyle Haugsness

Keywords: JavaScript obfuscation
2 comment(s)

Comments

The Dean Edwards Packer is used quite a bit for packing/obfuscating scripts. Additionally stunnix is used quite a bit too.

Both of these can be identified.

anirban

Mar 5th 2010
1 decade ago

I'm not sure how to identify a given packer/obfuscator; JSUnpack (http://jsunpack.jeek.org/dec/go) takes care of them all, though. I've never met a script it couldn't handle.

computerfreaker

Mar 7th 2010
1 decade ago

Login here to join the discussion.


Top of page
Diary Archives