A super compact (116-byte) bootstrap that hides JavaScript using a Proxy trap to run code. When an invisible property is accessed, the property name is converted to binary, decoded into text, and executed with eval.
Created by Martin Kleppe aka @aemkei.
// use a Proxy
new Proxy({}, {
// property trap
get: (_, n) =>
// execute code
eval([...n]
// convert to 0 and 1
.map(n => +("ᅠ" > n)).join(``)
// get byte sequences
.replace(/.{8}/g, n =>
// convert binary to string
String.fromCharCode(+("0b" + n))
)
)
}).
Proxy Trap: A `Proxy` object is created with a `get` trap, which intercepts any attempt to access a property. When a property is accessed on this proxy, the trap receives the property name as input.
Invisible Character Encoding: The property name is made up of specific invisible characters. Each character in the name is compared against a reference invisible character (Hangul filler), and the result of this comparison is used to produce either a 1 or a 0.
Binary to Text Conversion: The resulting binary sequence is joined into a single string, which is then grouped into segments of 8 bits, representing individual bytes. Each byte is then converted into its corresponding ASCII character.
Code Evaluation: The decoded characters from each accessed property name are accumulated into a larger string, representing executable JavaScript code. Once all characters are decoded, this string is passed to `eval`, which executes the code.
Obfuscation: This approach obfuscates the actual code by hiding it within seemingly blank or meaningless property names. The use of a `Proxy` and `eval` enables this hidden code to be executed without any readable JavaScript code directly visible in the source.
#
#
##
# #
## # #
## # # # #
# # # # ##
# # # # # #
# # # # # #
2024 - Martin Kleppe