Hacker News new | ask | show | jobs
by michaelsbradley 1428 days ago
That's why they wrote "Anyone dedicated enough can de-compile that javascript..."

Meaning, effectively, it can be de-obfuscated into code with control flow that's readily understood by a human, even if it would take some patience and practice (and the right tools) to perform the de-obfuscation.

Re: the FreeSlots.com program, https://deobfuscate.io shows that most of the obfuscation is related to decoding characters per some algorithm of their devising and eventually eval'ing the string as a JS program. There are likely several tricky rounds of that technique (and others) used at layers within the obfuscated code.

If the FreeSlots devs are clever, then they likely have a scheme to randomly generate the code they want (producing their desired result in terms of odds), where the random part is w.r.t. how the obfuscation layers are composed. Done well, that could make it rather difficult to mechanically de-obfuscate their code changing over time, i.e. without a human intervening to help identify the distinct layers because... parsers are hard.
1 comments
zamadatix 1428 days ago
As the other commenter said I think everyone understands it is feasible for someone here to accomplish de-obfuscating the code but the actual question was "Can anyone decode this and figure out the odds generator?". As in "can anyone take out the trash" like actually take the time to do the work of taking out the trash. Not as in explain that it is in fact possible for a dedicated person to tie up a bag, lift it out of the bin, take it outside, and put it in a dumpster. One of those quirks of speech.

I gave it a quick shot with some spare time, was selfishly hoping someone else had done the work when I checked back :p.

link
michaelsbradley 1428 days ago
If the economic incentive (or some other abstruse incentive) is great enough for a someone, then that someone will do it, if it's strictly possible and within the scope of their resources, i.e. because they stand to gain / be fulfilled / for the fun of it / experience fame and glory / etc.
link
zamadatix 1428 days ago
Perhaps the original ask is better explained as: a request for someone here do the actual deobfuscation.
link
michaelsbradley 1428 days ago
Nice way to put it. :-)

I don't feel so incentivized at present, sorry if I'm letting you down.

link