JStillery
JStillery Description
JStillery is an advanced JavaScript deobfuscator via Partial Evaluation. Through the use of various techniques, obfuscated JavaScript becomes more readable.
JStillery is designed both as a program for working on a personal computer and as an online service from the author.
Homepage: https://github.com/mindedsecurity/JStillery
Author: Stefano Di Paola
License: GPLv3
JStillery Help
Usage:
jstillery /path/to/file
The program has no options.
It supports standard input as well.
The program has a built-in web server and web interface.
JStillery Usage Example
Deobfuscate the /var/www/html/dvwa/vulnerabilities/javascript/source/high.js file:
./jstillery_cli.js /var/www/html/dvwa/vulnerabilities/javascript/source/high.js
Deobfuscation of a string “a= String.fromCharCode(41);b=a”.
echo 'a= String.fromCharCode(41);b=a' | ./jstillery_cli.js
How to install JStillery
Installation on Kali Linux
sudo apt install npm git clone https://github.com/mindedsecurity/JStillery cd JStillery sudo npm install
To compile the server:
npm run build_server
To start the server:
npm run start_server
After that, the web interface will be available at http://localhost:3001
Installation on Debian, Linux Mint, Ubuntu
sudo apt install git npm git clone https://github.com/mindedsecurity/JStillery cd JStillery sudo npm install
To compile the server:
npm run build_server
To start the server:
npm run start_server
After that, the web interface will be available at http://localhost:3001
Installation on BlackArch
The program is pre-installed on BlackArch.
sudo pacman -S jstillery
JStillery online service
It is not necessary to install the program on a computer, the author has created a page that can de-obfuscate JavaScript code: https://mindedsecurity.github.io/jstillery/
JStillery Screenshots
JStillery Tutorials
- How to deobfuscate JavaScript code
- How to see JavaScript code written using unprintable characters
- JavaScript Attacks
Related tools
- JS Beautifier (100%)
- UglifyJS (100%)
- de4js (100%)
- Binwalk (56.3%)
- Detect It Easy (56.3%)
- mat2 (RANDOM - 6.3%)
Comments are Closed