Tutorials Jscrambler

Jscrambler 101 — Self Defending

November 14th, 2023 | By Jscrambler | 3 min read

Last updated on August 23rd, 2023

Welcome back to Jscrambler 101! A collection of tutorials on how to use Jscrambler to protect your JavaScript. These tutorials cover Jscrambler version 8.2.

Introduction: Self Defending

Last time, on Jscrambler 101 — Code Annotations, we talked about using Code Annotations and how they can help protect an App.

This time, we will talk about Self-Defending. Read more about it in the complete documentation in our Help Center.

Attempts to tamper with an unprotected game

This is our unprotected space shooter. You’ll notice that we have 3 rockets at the start of the game. There’s also a "Buy Rockets" button at the top of the screen, which allows us to buy more credits and continue the game.
(0:16-0:23)

We will try to add rockets without clicking the button and, therefore, without buying them. In this case, for tutorial purposes, we don't have any trigger to process the payment when we click the button, but if there was any, the game creator would lose money with the tampering we’re about to do.

You can see below that when we click the button, the number of rockets increases.
One of the things we can do now is inspect the button element and access the onClick function in the "Event Listeners" tab. Now, we can add a breakpoint to the function and analyze the existing cr Object for any ‘Rocket’ reference.

(0:23-0:50)

We have already developed a script to analyze the cr Object and return any property with a ‘Rocket’ reference. As such, all we have to do is paste the script on our browser’s console and execute it. By doing that, we can see the returned properties that reference ‘Rocket’ on the bottom of the console:

(0:50-1:16)

We previously recorded what property we wanted after running the script and analyzing the properties. Now, we can use this property to add rockets. In this case, we’ll be adding 10 more rockets to our game. After that, you can see a total of 14 rockets at the top of the game:

(1:25-1:51)

Conclusion

This tutorial shows how our Self-defending transformation works with anti-debugging and anti-tampering.

Feel free to proceed to one of our other 101 Tutorials:

Enjoy your testing.

Start protecting your Applications ASAP! If you have any additional questions, contact our client-side security experts.

Jscrambler

The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.

View All Articles

Must read next

Jscrambler Tutorials

Jscrambler 101 — Code Annotations

Welcome back to our 101 tutorials on how to use Jscrambler to protect your JavaScript. This time, we’re going to talk about Code Annotations.

February 21, 2017 | By Jscrambler | 8 min read

Learn More
Jscrambler Tutorials

Jscrambler 101 — Self-Healing

Welcome back to our 101 tutorials on how to use Jscrambler to protect your JavaScript. This time, we’re going to explore our new layer: Self-Healing.

June 26, 2019 | By Jscrambler | 4 min read

Learn More
Section Divider

Subscribe to Our Newsletter

Project co-financed by (more info)

p2020