Because JavaScript is designed to expose the code itself to the user, it has been obfuscated for reverse engineering procedures or has been equipped with a debugger. A simple and effective countermeasure against such anti-debugging is summarized in the “nullpt.rs” blog that publishes JavaScript parsing technology.
Avoid anti-debugging javascript techniques
https://www.nullpt.rs/evading-anti-debugging-techniques
Debuggers are installed to analyze JavaScript behavior in many browsers. For example, in the case of Google Chrome, it can be accessed from the Source tab in Developer Tools. Open the JavaScript you want to parse, click on the left part of the code to set a breakpoint, and see the variables and the contents of the call stack when you get to that line.
In addition to setting from the GUI, breakpoints can also be set by inserting a “debugger” statement into the code. If the debugger is not open, the debugger statement will be ignored and will run normally, but if you open the debugger, it will pause when it reaches this line.
One of the anti-debugging techniques that uses the debugger statement mechanism is to prevent the debugger from being used by making this “debugger” statement infinitely repeated or entering it in large numbers. I can’t use breakpoints because too many unintentional pauses happen when parsing. Of course, you can ignore debugger statements by running “disable breakpoints”, but this will also disable user-specified breakpoints.
The solution the nullpt.rs authors have come up with is to “replace the reserved word debugger with another word”. Because the JavaScript language specification itself will change, it is said that the Firefox source code has been rewritten and rebuilt to achieve it.
The new reserved word approved this time is “Ticket_debugger”. By doing this, it is possible to completely ignore the debugger statements built into the code and pause only the parts that are necessary for parsing.
nullpt.rsThere are many other anti-debugging methods on the blog, so if you are interested, please check it out.
Copy the title and URL of this article
Related articles
“JavaScript” started here, the 1995 version of JavaScript looks like this – GIGAZINE
The James Webb Space Telescope is controlled by JavaScript – GIGAZINE
“ Do you want to get 100 dollars? Do you want to learn to code? ”Secret Story” That Homeless People Succeeded in Developing the GIGAZINE App
‘Stack Overflow Developer Survey 2022’, which summarizes current software development interviewed by 70,000 GIGAZINE developers
‘PrinceJS’ Review That Built ‘Prince of Persia’ Using JavaScript and Made It Runnable in a Browser – GIGAZINE
You mentioned that Firefox finally broke Chrome in the ‘SunSpider’ JavaScript benchmark test, but it indicated that SunSpider is out of date – GIGAZINE
“Travel maven. Beer expert. Subtly charming alcohol fan. Internet junkie. Avid bacon scholar.”
More Stories
Call of Duty: Black Ops 6 has released a trailer for the remastered version of the Nuketown map. Infected mode arrives today
What titles do you recommend for players who have never experienced the Golden Age of PlayStation 2? Introducing the games that experts love |.Game*Spark – the local and international gaming information site
CEO/Director of Sandbox ADV “Core Keeper,” which is selling well in Japan, asks for “ideas for communicating community love” in Japanese