Deobfuscate Javascript and reconstruct strings. Simplify cumbersome logic where possible while adhering to scope limitations.
Try it online @ restringer.tech
Requires Node 17 or newer.
git clone [email protected]:PerimeterX/restringer.git
cd restringer
npm install
The restringer.js uses generic deobfuscation methods that reconstruct and restore obfuscated strings and simplifies redundant logic meant only to encumber. REstringer employs the Obfuscation Detector to identify specific types of obfuscation for which there's a need to apply specific deobfuscation methods in order to circumvent anti-debugging mechanisms or other code traps preventing the script from being deobfuscated.
Output deobfuscated result to STDOUT (nothing will print if deobfuscation failed)
node restringer.js script.js
Show debug information and save deobfuscated script to script.js-<obfuscation-type>-deob.js
export DEOBDEBUG=true && node restringer.js script.js
Log level can be adusted via the DEOBDEBUGLEVEL
environment variable for more or less granular
log output. The default level is an arbitrary 50, simply to leave space for other levels to be added when needed.
export DEOBDEBUG=true && DEOBDEBUGLEVEL=50 && node restringer.js script.js
Level 1 is most verbose, level 2 is a good value to use for debugging.
const REstringer = require('restringer');
const restringer = new REstringer('"RE" + "stringer"');
if (restringer.deobfuscate()) {
console.log(restringer.script);
} else {
console.log('Nothing was deobfuscated :/');
}
// Output: 'REstringer';
- Replace environment variables with proper program arguments.
- Create binary tool that can be installed via
npm install -g restringer