Jscrambler 101 — Self Defending
November 14th, 2023 | By Jscrambler | 3 min read
Last updated on August 23rd, 2023
Welcome back to Jscrambler 101! A collection of tutorials on how to use Jscrambler to protect your JavaScript. These tutorials cover Jscrambler version 8.2.
Introduction: Self Defending
Last time, on Jscrambler 101 — Code Annotations, we talked about using Code Annotations and how they can help protect an App.
This time, we will talk about Self-Defending. Read more about it in the complete documentation in our Help Center.
Attempts to tamper with an unprotected game
This is our unprotected space shooter. You’ll notice that we have 3 rockets at the start of the game. There’s also a "Buy Rockets" button at the top of the screen, which allows us to buy more credits and continue the game.
(0:16-0:23)
We will try to add rockets without clicking the button and, therefore, without buying them. In this case, for tutorial purposes, we don't have any trigger to process the payment when we click the button, but if there was any, the game creator would lose money with the tampering we’re about to do.
You can see below that when we click the button, the number of rockets increases.
One of the things we can do now is inspect the button element and access the onClick function in the "Event Listeners" tab. Now, we can add a breakpoint to the function and analyze the existing cr Object for any ‘Rocket’ reference.
(0:23-0:50)
We have already developed a script to analyze the cr Object and return any property with a ‘Rocket’ reference. As such, all we have to do is paste the script on our browser’s console and execute it. By doing that, we can see the returned properties that reference ‘Rocket’ on the bottom of the console:
(0:50-1:16)
We previously recorded what property we wanted after running the script and analyzing the properties. Now, we can use this property to add rockets. In this case, we’ll be adding 10 more rockets to our game. After that, you can see a total of 14 rockets at the top of the game:
(1:25-1:51)
Conclusion
This tutorial shows how our Self-defending transformation works with anti-debugging and anti-tampering.
Feel free to proceed to one of our other 101 Tutorials:
Jscrambler 101 — Code Annotations (Code Performance)
Jscrambler 101 — Profiling (Code Performance)
Enjoy your testing.
Start protecting your Applications ASAP! If you have any additional questions, contact our client-side security experts.
Jscrambler
The leader in client-side Web security. With Jscrambler, JavaScript applications become self-defensive and capable of detecting and blocking client-side attacks like Magecart.
View All ArticlesMust read next
Jscrambler 101 — Code Annotations
Welcome back to our 101 tutorials on how to use Jscrambler to protect your JavaScript. This time, we’re going to talk about Code Annotations.
May 28, 2024 | By Jscrambler | 8 min read
Jscrambler 101 — Self-Healing
Welcome back to our 101 tutorials on how to use Jscrambler to protect your JavaScript. This time, we’re going to explore our new layer: Self-Healing.
July 16, 2024 | By Jscrambler | 4 min read
