抽离混淆关键函数:

    混淆处理 - 图1

    把混淆的关键函数,换成node.js参数传参的格式:

    混淆处理 - 图2

    写替换脚本,对所有类似CZ(0X495)的文本统统替换成真实函数,比如:

    e.g:

    1. import re
    2. import subprocess
    5. def exec_value(hex_string):
    6.     res = subprocess.check_output(f"node part.js {hex_string}")
    7.     char_string = res.decode('utf-8').strip()
    8.     return char_string
    11. def run():
    12.     with open("f1.js", mode='r', encoding='utf-8') as f1, open("f2.js", mode='w', encoding='utf-8') as f2:
    13.         for line in f1:
    14.             if not line:
    15.                 f2.write(line)
    16.                 continue
    17.             match_list = re.findall(r"(QC\((.*?)\))", line)
    18.             for total, arg in match_list:
    19.                 real_value = exec_value(arg)
    20.                 line = line.replace(total, f'"{real_value}"')
    21.             f2.write(line)
    24. if __name__ == '__main__':
    25.     run()