Closed AnnonyA closed 3 months ago
depends what compiler they are using. It is usually quite easy to decompile nodejs programs. The main compilers are pkg and nexe which there are decompilers on github for both of these. To find out what compiler is used you can open the compiled program in a text editor like vscode and search for the term "pkg" or "nexe".
So, there's no possible way to get the real source code or some of them good, or just the strings?
Hello, sorry for the long response time, first of all if you have an executable you'll need to decompile it, decompiling depends on the compilation method, in the case of malicious software made in javascript with NodeJS, it may be with pkg or directly with NSIS, then once the obfuscated program is obtained, if it's obfuscated by JSConfuser, it is possible via my project to recover the strings of the decrypted base program, now if you're looking to reconstitute the program completely, to the best of my knowledge there is no program that can automate this, so you have to do it manually, JSConfuser obfuscation isn't as complex as all that, it's just very strange compared to other obfuscations such as obfuscator. io or even JSDefender, the only problem is that this task takes a lot of time, so for lack of time I preferred to at least do a string decryptor to get the important values, currently I don't have enough time to work on this, I'm swamped with classes, I apologise, but to answer your question, if the code is compiled you'll have to decompile it first, and it is indeed possible to unobfuscate and reconstitute an obfuscated program using JSConfuser, but that takes a lot of time. Furthermore, an obfuscation does not guarantee the security of a system; any determined person given enough time will sooner or later succeed in breaking an obfuscation.
is this for? https://js-confuser.com/
Hello, yes this is a JSConfuser string decryptor. Due to lack of time I was unable to create the entire desobfuscator :c
this is nice but due to me being on a cromebook idk if i can use this
I've never used a chromebook, but as long as you can install nodejs, you should be able to use it. If not, it should also work on Linux, so if you have an Android phone, you should be able to use it via Termux.
yea bro i got it
Some guys, compile the compiled code, so what i mean whit this?, if can decompile the decompiled, if can do decompile the strings and the entire code like the name of variables and functions. Thanks