search

mindedsecurity / JStillery

Advanced JavaScript Deobfuscation via Partial Evaluation
GNU General Public License v3.0
856 stars 143 forks source link

Values are propagated from conditionals which don't execute #4

Open samczsun opened 6 years ago

samczsun commented 6 years ago

Input:

x = 1;
if (false) {
    x--;
}
if (x == 0) {
  alert(1);
}

Output:

x = 1;
if (false) {
    1;
}
if (true) {
    alert(1);
}
wisec commented 6 years ago

Good one! The tricky part will be to discriminate when it’s ok to propagate values on more complex situations