The difference between minified JS and WASM is that you can un-minify one with relatively good results, whereas decompiling WASM is similar to decompiling normal binaries - pretty hard to read. This means that even experienced users can’t really understand or change WASM binaries.
Hmm i guess I just haven’t spent enough time trying to parse unminified js.
I still would think though, if the code is simple enough to understand when you unminify the js, equivalent code should be similarly simple to understand if it’s wasm passed through IDA.
You lose way more information during compilation than you do during minification. This makes reversing the latter much easier than the former.
Remember that JS is much, much higher level than WASM is. Each language will have their own special behaviours and constructs when compiled to WASM, so reversing an algorithm can look completely differently depending on the source language and environment.
For WASM you can probably use tools like ghidra to decompile and read.
Minified js not a lot better then raw ASM, single letter names and crazy optimisation patterns will make your life hell. Patching both I think is out of the question, maybe just inject some new js that interact with the DOM.
Did a bit of reverse engineering on binaries in my life, and also spent too much time reading the youtube minified js. Both are hard as hell.
For WASM you can probably use tools like ghidra to decompile and read.
Sure, as I said it’s similar to decompiling normal binaries, which is hard to read (even when you’re used to it).
Minified js not a lot better then raw ASM, single letter names and crazy optimisation patterns will make your life hell. Patching both I think is out of the question, maybe just inject some new js that interact with the DOM.
I’m not talking about reading minified JS. I’m saying: un-minifying JS gets you a way more readable result than decompiling native binaries does. I’ve done both more than often enough to know this difference well.
I’ve written mods and patches for dozens of minified sites, and it’s never been too hard. I’ve written mods and patches for native applications, and it’s waaaay harder - even just finding free space in the binary where you can inject your code and jump to/from is annoying, let alone actually writing your changes in ASM. All of this is immediately solved even with minified JS.
The difference between minified JS and WASM is that you can un-minify one with relatively good results, whereas decompiling WASM is similar to decompiling normal binaries - pretty hard to read. This means that even experienced users can’t really understand or change WASM binaries.
Hmm i guess I just haven’t spent enough time trying to parse unminified js.
I still would think though, if the code is simple enough to understand when you unminify the js, equivalent code should be similarly simple to understand if it’s wasm passed through IDA.
You lose way more information during compilation than you do during minification. This makes reversing the latter much easier than the former.
Remember that JS is much, much higher level than WASM is. Each language will have their own special behaviours and constructs when compiled to WASM, so reversing an algorithm can look completely differently depending on the source language and environment.
Ya, okay that is understandable.
To be honest I have never tried a wasm reversing challenge. I may need to give it a shot.
For WASM you can probably use tools like ghidra to decompile and read.
Minified js not a lot better then raw ASM, single letter names and crazy optimisation patterns will make your life hell. Patching both I think is out of the question, maybe just inject some new js that interact with the DOM.
Did a bit of reverse engineering on binaries in my life, and also spent too much time reading the youtube minified js. Both are hard as hell.
Sure, as I said it’s similar to decompiling normal binaries, which is hard to read (even when you’re used to it).
I’m not talking about reading minified JS. I’m saying: un-minifying JS gets you a way more readable result than decompiling native binaries does. I’ve done both more than often enough to know this difference well.
I’ve written mods and patches for dozens of minified sites, and it’s never been too hard. I’ve written mods and patches for native applications, and it’s waaaay harder - even just finding free space in the binary where you can inject your code and jump to/from is annoying, let alone actually writing your changes in ASM. All of this is immediately solved even with minified JS.