Skip to content

JavaScript Packers

This article by SecureWorks, titled “The Packer 2.0 Threat”, is a good introduction to and overview of some of the most popular JavaScript packers. It discusses both the legitimate (although possibly misguided) uses of packers, as well as their role in obfuscating malware. The packers mentioned in the article include: Dojo ShrinkSafe, MOOtools, YUI Compressor, JSMin, and the Dean Edwards Packer.

Basically, the author argues that packing JavaScript leads to several unintended consequences that are bad for security. The most obvious problem is that it becomes much more difficult for network traffic inspection tools, including IDS, to tell the difference between friendly and malicious code. Other techniques, such as gzip compression, are probably good enough to improve bandwidth efficiency.


Diggdel.icio.usFacebookStumbleUpon
Post a comment Trackback URI RSS 2.0 feed for these comments This entry (permalink) was posted on Monday, January 28, 2008, at 20:08 by eugenekogan. Filed in development, reversing, security.

One Trackback/Pingback

  1. Casino 492100e444 on 17-Nov-08 at 0:35

    Casino 492100e444…

    Casino 492100e444…

Post a Comment

Your email is never published nor shared. Required fields are marked *
*
*