Understanding JavaScript packers – Trickster Dev

submited by

Style Pass

2023-05-30 10:30:03

In the world of desktop software, the concept of packer is not new. A packer is a tool that takes a binary executable file as input, applies transformations (e.g. compression, encryption, introducing anti-debugging tricks) and outputs a new, modified executable file that is different at binary level, but retains the functionality of original program. Some packers, such as UPX are only meant to make the executable files smaller. More advanced packers apply machine code encryption to make reverse engineering harder. The key to decrypt the machine code is hidden in a binary file and applied automatically when program is launched, but the encryption layer introduces a barrier for disassebling or decompiling the machine code, which increases the effort needed to reverse engineer the inner workings of a program.

But that’s old news. Nowadays a lot of software is web-based. But the thing is, the concept of packer is also applicable in JavaScript world. There are tools and techniques to transform JS code in such a way that it becomes smaller and/or less readable. Thus JS packing can be used as obfuscation technique. Note that I am not talking about simple code minification here. Instead, we’re going to see some techniques that are similar to executable packing from the compiled software world.