在NodeJS中使用npm包实现JS代码混淆加密 |
您所在的位置:网站首页 › javascript代码压缩 › 在NodeJS中使用npm包实现JS代码混淆加密 |
在NodeJS中使用npm包实现JS代码混淆加密
|
使用npm包,在NodeJS中实现JS代码混淆加密 在前后端JS开发过程中,JS代码保护(JS代码混淆加密)是非常重要的一环。 JShaman是一个云端的代码保护Saas平台,可以对JS代码进行混淆、加密、压缩等操作,从而增强JS代码的安全性。同时,JShaman还有更方便易用的npm包,方便开发人员通过调用接口的方式,快速完成JS代码混淆加密。 从npm网站,可以找到名为jshaman-javascript-obfuscator的包,如下图所示:  这里有对它的使用说明,如在Nodejs环境中的安装方法,调用例程,等。 安装 npm install jshaman-javascript-obfuscator使用 NodeJS例程代码如下所示。 //JShaman JavaScript Obfuscator Web API Interface var jshaman_javascript_obfuscator = require("jshaman-javascript-obfuscator"); //JavaScript Code to be obfuscated var javascript_code = ` function NewObject(prefix) { var count=0; this.SayHello=function(msg) { count++; alert(prefix+msg); } this.GetCount=function() { return count; } } var obj=new NewObject("Message : "); obj.SayHello("You are welcome."); `; //Options. //Please refer to the official website of JShaman in English for relevant instructions. //https://www.jshaman.com/en/ var options = { "part_variable_identifier_obfuscate": 1, "global_variable_identifier_obfuscate": 0, "part_function_identifier_obfuscate":0, "global_function_identifier_obfuscate": 0, "member_expression_encode": 1, "numberic_literal_encode": 1, "binary_express_obfuscate": 1, "boolean_encode": 1, "json_encode":1, "regexp_encode":1, "string_unicode_encode": 1, "assignment_junk_code":1, "zombie_code": 1, "eval_encode": 1, "control_flow": 1, "string_reverse": 1, "comma_operator": 1, "string_array": 0, "string_array_encode": 0, "vm_execute": 0, "ast_execute": 0, "no_beautifier": 0, "tamper_proof": 0, "comments": 0, "compress": 1, "reserved_word": ["jshaman","w2sfot"] } //Secret key,Obtained from the JShaman official website. //If not yet obtained, it can be set to free var secret_key = "free"; var obfuscated_result = jshaman_javascript_obfuscator(javascript_code, options, secret_key); //Obfuscation result, //if "state" is 0 it means successful and the "content" is the obfuscated JavaScript code. //Otherwise,if there is an error,the "message" will contain an error prompt message. console.log(obfuscated_result.state, obfuscated_resulssage, obfuscated_result.content);代码说明 调用JShaman接口,传入js代码、配置即可,非常简单。 上面的代码中,javascript_code变量是要保护的JS代码,options 变量是参数,参数中各项目的含义,可以参考JShaman官网的说明,值设为1表示启用、设为0表示不启用,secret_key是接口密钥,设为free是免费使用,商业的密钥可以从JShaman官网获得。 加密效果 上面例程中的JS代码,保护后生成的加密JS代码如下所示。 //Obfuscted javascript code /* var _0xce7d8a = ["117.", "92.103.98.103.102.126.103.41.72.90.93.41.125.112.121.108.51.", "117.", "117."]; function _0x57d18d(_4, _5) { _5 = 9; var _, _2, _3 = ""; _2 = _4.split("."); for (_ = 0; _ < _2.length - 1; _++) { _3 += String.fromCharCode(_2[_] ^ _5); } return _3; } var visitors = { File(node, scope) { ast_excute(node['\x70\x72\x6f\x67\x72\x61\x6d'], scope); }, Program(program, scope) { for (i = function () { return eval(String.fromCharCode(57, 48, 53, 49, 49, 53, 32, 94, 32, 57, 48, 53, 49, 49, 53)); }(); eval(String.fromCharCode(105, 32, 60, 32, 112, 114, 111, 103, 114, 97, 109, 91, 39, 92, 120, 54, 50, 92, 120, 54, 102, 92, 120, 54, 52, 92, 120, 55, 57, 39, 93, 91, 39, 92, 120, 54, 99, 92, 120, 54, 53, 92, 120, 54, 101, 92, 120, 54, 55, 92, 120, 55, 52, 92, 120, 54, 56, 39, 93)); eval(String.fromCharCode(105, 43, 43))) { ast_excute(program['\x62\x6f\x64\x79'][i], scope); } }, ExpressionStatement(node, scope) { return ast_excute(node['\x65\x78\x70\x72\x65\x73\x73\x69\x6f\x6e'], scope); }, CallExpression(node, scope) { var func = ast_excute(node['\x63\x61\x6c\x6c\x65\x65'], scope); var args = node['\x61\x72\x67\x75\x6d\x65\x6e\x74\x73']['\x6d\x61\x70'](function (arg) { return ast_excute(arg, scope); }); var value; if (eval(String.fromCharCode(110, 111, 100, 101, 91, 39, 92, 120, 54, 51, 92, 120, 54, 49, 92, 120, 54, 99, 92, 120, 54, 99, 92, 120, 54, 53, 92, 120, 54, 53, 39, 93, 91, 39, 92, 120, 55, 52, 92, 120, 55, 57, 92, 120, 55, 48, 92, 120, 54, 53, 39, 93, 32, 61, 61, 61, 32, 39, 77, 101, 109, 98, 101, 114, 69, 120, 112, 114, 101, 115, 115, 105, 111, 110, 39))) { value = ast_excute(node['\x63\x61\x6c\x6c\x65\x65']['\x6f\x62\x6a\x65\x63\x74'], scope); } return func['\x61\x70\x70\x6c\x79'](value, args); }, MemberExpression(node, scope) { var obj = ast_excute(node['\x6f\x62\x6a\x65\x63\x74'], scope); var name = node['\x70\x72\x6f\x70\x65\x72\x74\x79']['\x6e\x61\x6d\x65']; return obj[name]; }, Identifier(node, scope) { return scope[node['\x6e\x61\x6d\x65']]; }, StringLiteral(node) { return node['\x76\x61\x6c\x75\x65']; }, NumericLiteral(node) { return node['\x76\x61\x6c\x75\x65']; } }; function ast_excute(node, scope) { var _0x51e = "2|1|0".split(_0x57d18d(_0xce7d8a[0])), _0x6ebgc = 0; while (!![]) { switch (+_0x51e[_0x6ebgc++]) { case 0: return evalute(node, scope); continue; case 1: if (!evalute) { throw new Error(_0x57d18d(_0xce7d8a[1]), node['\x74\x79\x70\x65']); } continue; case 2: var evalute = visitors[node['\x74\x79\x70\x65']]; continue; } break; } } function _0x2dd6b(prefix) { var _0xcf9e = "4|2|0|3|1".split(_0x57d18d(_0xce7d8a[2])), _0xef765g = 0; while (!![]) { switch (+_0xcf9e[_0xef765g++]) { case 0: _0x38e = function () { return eval(String.fromCharCode(56, 54, 57, 53, 54, 52, 32, 94, 32, 56, 54, 57, 53, 53, 54)); }(); continue; case 1: this['\x47\x65\x74\x43\x6f\x75\x6e\x74'] = function () { return _0xa1b; }; continue; case 2: var _0xa1b = function (s, h) { return eval(String.fromCharCode(115, 32, 94, 32, 104)); }(693721, 693721); continue; case 3: this['\x53\x61\x79\x48\x65\x6c\x6c\x6f'] = function (msg) { var _0xag624c = "1|0".split(_0x57d18d(_0xce7d8a[3])), _0xc1411b = 0; while (!![]) { switch (+_0xag624c[_0xc1411b++]) { case 0: alert(eval(String.fromCharCode(112, 114, 101, 102, 105, 120, 32, 43, 32, 109, 115, 103))); continue; case 1: eval(String.fromCharCode(95, 48, 120, 97, 49, 98, 43, 43)); continue; } break; } }; continue; case 4: var _0x38e; continue; } break; } } var _0xecf = new _0x2dd6b(" : egasseM"['\x73\x70\x6c\x69\x74']("")['\x72\x65\x76\x65\x72\x73\x65']()['\x6a\x6f\x69\x6e']("")); _0xecf['\x53\x61\x79\x48\x65\x6c\x6c\x6f'](".emoclew era uoY"['\x73\x70\x6c\x69\x74']("")['\x72\x65\x76\x65\x72\x73\x65']()['\x6a\x6f\x69\x6e']("")); */做为颇具知名度的JS代码混淆加密平台,JShaman的加密效果还是很不错的。 扩展使用 把上述例程代码稍加改造,嵌入到自己的项目或产品中,就可以进行自动化的JS代码混淆加密了。 混淆加密JS代码、提高JS代码安全性,防止他人随意查看、复制,就是如此简单。 |
【本文地址】
今日新闻 |
推荐新闻 |