Comments by "kxmode" (@kxmode) on "Deciphering Obfuscated JavaScript Malware" video.

  1. I've seen obfuscated JS code that includes bit shifting, which is insanely difficult to reverse engineering. For example: // Original Code let result = 160; // Obfuscated Code let result = (5 << 5); // Bit shifting 5 left by 5 bits, equivalent to multiplying 5 by 2^5 Here's a basic combination of hexadecimal and bit shifting: let color = (1 << 24) | (0xFF << 16) | (0x90 << 8) | 0x88; And the mothership consisting of variable renaming, hexadecimal conversion, bit shifting, string encoding: let c = (1 << 24); c |= parseInt('FF', 16) << 16; c |= (0x90 << 8); c |= 0x88; let encodedString = 'c |= ' + (0x88).toString() + ';'; eval(encodedString); Of course, with AI, reversing engineering small JS code snippets is probably very easy to do.
    5
  2. I think she's being extra careful to isolate the output to the console
    4
  3.  @kurdm1482 well, yeah, you can look at the abstract syntax tree, but it still requires reversing engineering it.
    1
  4.  @DavidLindes  hmm... good to know. always thought console.log was a way to sandbox the code. A good note to self.
    1