WhiteSpace: A Different Approach to JavaScript Obfuscation

Presented at DEF CON 16 (2008), Aug. 8, 2008, 11:30 a.m. (20 minutes)

A different approach to JavaScript obfuscation will be presented. There are certain telltale indicators within an obfuscated JavaScript file which can be used for detection and protection. These signs occur in almost all obfuscated JavaScript and are easily detected via software and visual inspection. This different approach addresses these telltale indicators and provides a method of JavaScript obfuscation which hides these indicators from both automated and visual inspection.

Presenters:

• Kolisar - Security Researcher
  Kolisar began writing software at the age of 10. His first computer was a Commodore Vic-20 with a whopping 3K or RAM. After high school and attending a technical school he spent nearly 20 years as a software engineer writing CAM tools on UNIX and Windows, machine control and CRM software in C/C++, Java, JavaScript, VBScript, etc., and occasionally hand optimizing assembly graphics code for performance. He is currently working in the security department of a medium-sized company where he does security research, vulnerability and risk assessment, incident response and reverse engineering malware.

Links:

• https://defcon.org/html/defcon-16/dc-16-speakers.html#Kolisar
• https://www.youtube.com/watch?v=jWjtqoYABs4

Similar Presentations:

• BSidesSF 2022 Rescheduled / JavaScript Obfuscation - It’s All About the P-a-c-k-e-r-s
• AppSec USA 2014 / Warning Ahead: Security Storms are Brewing in Your JavaScript
• AppSec USA 2012 / KEYNOTE: Securing JavaScript by Douglas Crockford