Last updated on October 24th, 2019
Last time, on Jscrambler 101 — Code Annotations, we talked about using Code Annotations and how they can be useful when protecting an App.
This time, we’re going to talk about Self Defending. This tutorial will be based on a video where we’ll show you our Self Defending transformation in action. We’re going to start with an unprotected space shooter game and we’ll try to tamper the game.
You can follow this tutorial in one of two ways: by reading through the steps and watching each video section as found below, or by watching the whole video with closed captions on. Note that the videos have no audio.
Attempts to tamper an unprotected game
This is our unprotected space shooter. You’ll notice that we have 3 rockets at the start of the game. There’s also a "Buy Rockets" button at the top of the screen which allows us to buy more credits and continue the game.
We will try to add rockets without clicking the button and, therefore, without buying them. In this case, for tutorial purposes, we don't have any trigger to process the payment when we click the button — but, if there was any, the game creator would be losing money with the tampering we’re about to do.
You can see below that, when we click the button, the number of rockets increases.
One of the things we can do now is inspect the button element and access the
onClick function in the "Event Listeners" tab. Now, we can add a breakpoint to the function and analyze the existing
cr Object for any ‘Rocket’ reference.
We have already developed a script to analyze the
cr Object and return any property with a ‘Rocket’ reference. As so, all we have to do is paste the script on our browser’s console and execute it. By doing that, we can see the returned properties that reference ‘Rocket’ on the bottom of the console:
We previously recorded what property we wanted after running the script and analyzing the properties. Now, we can use this property to add rockets. In this case, we’ll be adding 10 more rockets to our game. After that, you can see a total of 14 rockets at the top of the game:
Attempts to tamper a protected game
Now, we’re going to try the same thing on our protected game. This version is protected with Jscrambler's anti-debugging and anti-tampering, meaning we won’t be able to add the rockets as we did with our unprotected version of the same game. However, we’re still going to try.
Let's start by running the protected game. Since we have the browser's debugger opened, the game automatically pauses. Once we close it, the game will resume.
Another addition is that the code is harder to understand — it underwent several transformations to make it harder to interpret and replicate.
Once again, we try to inspect the rockets button, but this time we’re led back into the VM loop.
We can use the event listener for
onClick to get the triggered function. But we can’t add a breakpoint to it and resume execution without being led back to the VM loop.
We can also try to make use of the rocket element that was used in the unprotected version, but due to the Jscrambler’s polymorphic behavior, the element is different and can’t be found.
This tutorial sums up how our Self Defending transformation works, with anti-debugging and anti-tampering. You can follow the whole video below — just be sure to enable the closed captions to understand each step of the video.
Feel free to proceed to one of our other 101 Tutorials:
- Jscrambler 101 — First Use
- Jscrambler 101 — Code Annotations (Code Performance)
- Jscrambler 101 — Control Flow Flattening
- Jscrambler 101 — Code Locks
- Jscrambler 101 — How to use the CLI
- Jscrambler 101 — Source Maps
- Jscrambler 101 — Countermeasures
- Jscrambler 101 — Self-Healing
- Jscrambler 101 — Profiling (Code Performance)
- Jscrambler 101 — App Classification
- Jscrambler 101 — Memory Protection
- Jscrambler 101 — SIEM Integration
Enjoy your testing and start protecting your Applications ASAP! If you have any additional questions, feel free to contact us.