Mastodawn

DeMarcus

Dec 24, 2022

void

Reverse Engineering Tiktok's VM Obfuscation (Part 1)

Dropped a new blog post where I detail the start of my journey into TikTok's VM based obfuscation.

So far only covers the discovery of the script and how I dumped strings from each "program"

https://nullpt.rs/reverse-engineering-tiktok-vm-1

#tiktok #vm #reverseengineering #javascript #obfuscation #deobfuscation

Reverse Engineering Tiktok's VM Obfuscation (Part 1)

TikTok has a reputation for its aggressive data collection. The platform has implemented various methods to make it difficult for reverse-engineers to understand exactly what data is being collected and how it is being used.

@voidstar Good stuff

@voidstar Amazing blog post! Wild how WebGL can be used for fingerprinting

Show thread

void Dec 24, 2022

@0xdema I’m always surprised by how people repurpose various APIs for fingerprinting.

Show thread

JP Loh Dec 24, 2022

@voidstar Well done! Looking forward to part 2

Show thread

Maurizio Dec 24, 2022

@voidstar awesome reading, thank you!

Show thread

Aleksi Dec 24, 2022

@voidstar Amazing, this is right up my alley (so much so that I decided to sign up on this instance)!

Show thread

void Dec 24, 2022

@hannula glad to have you here!

Show thread

L_T_M_F Dec 24, 2022

@voidstar Very interesting read... I'm always impressed with folks like you able to crawl up the tree so much!

Show thread

Đł₴₵Ø₦₦Ɇ₵₮ɆĐ

Dec 25, 2022

@voidstar
Thanks for a great RE journey. Quite disturbing how they go through all these loops to hide how much they send back and how they fingerprint everyone.

Show thread