Nexe: Obfuscation Feature

Created on 15 Jan 2020  路  5Comments  路  Source: nexe/nexe

What would you like to be added: Code obfuscation feautre.

Why is this needed: When I tried to open the exe (express web app built using nexe), I found all the codes were visible. It would be better to have some code encryption feature before building the final exe.

feature

Most helpful comment

This feature would allow nexe to be used for commercial nodejs binaries for which companies don't want the source code to be visible. It could be awesome if we could implement it. 馃槂

All 5 comments

This feature would allow nexe to be used for commercial nodejs binaries for which companies don't want the source code to be visible. It could be awesome if we could implement it. 馃槂

I used javascript-obfuscator library to obfuscate the source code before building the exe.
It worked!! Now the source code is not visible.

But I don't know if the exe can be reverse engineered or not. Can anyone tell me how to decompile exe file built using nexe?

@sachinavinaw Basically there would a payload before the "built" executable. The JavaScript you provide won't and cannot be directly compiled to binary instructions. Instead what nexe does is, take the node executable (the actual binary) and your provided JavaScript code and add a small payload to execute your JavaScript when node executable is invoked. (If that makes sense 馃 ). In other words when you run the resultant executable node app.js will be run in the background.

So, your JavaScript code and the node executables can be clearly separated. If you have obfuscated your code, there are commercial as well as open-source solutions that can de-obfuscate the JavaScript code up to a certain level.

I request anyone knowing better than me, to correct me if I am wrong. 馃槄

^ What @vasanthdeveloper said

@sachinavinaw Basically there would a payload before the "built" executable. The JavaScript you provide won't and cannot be directly compiled to binary instructions. Instead what nexe does is, take the node executable (the actual binary) and your provided JavaScript code and add a small payload to execute your JavaScript when node executable is invoked. (If that makes sense ). In other words when you run the resultant executable node app.js will be run in the background.

So, your JavaScript code and the node executables can be clearly separated. If you have obfuscated your code, there are commercial as well as open-source solutions that can de-obfuscate the JavaScript code up to a certain level.

I request anyone knowing better than me, to correct me if I am wrong.

i reply sadly too sad but this is totaly wrong, nexe write source code directly readable with a text editor. Proof here :
https://i.imgur.com/hl2SeuD.png
Also you can see im obfuscating, exactly like said @sachinavinaw

Anyway bye

Was this page helpful?
0 / 5 - 0 ratings

Related issues

transitive-bullshit picture transitive-bullshit  路  6Comments

affanshahid picture affanshahid  路  3Comments

kgaidis picture kgaidis  路  3Comments

ryancat picture ryancat  路  6Comments

nroe picture nroe  路  7Comments