Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JSFuck variant using "([+<])". Has anybody tried this before? #122

Open
baboures opened this issue Jun 11, 2022 · 13 comments
Open

JSFuck variant using "([+<])". Has anybody tried this before? #122

baboures opened this issue Jun 11, 2022 · 13 comments

Comments

@baboures
Copy link

I don't know if anybody has ever done this before. I made a JSFuck variant using < instead of !.

JSFuckr: An esoteric language based on JSFuck

Try it!

Is this a novel idea, or I am reinventing the wheel? 😅

@kamil-kielczewski
Copy link
Contributor

kamil-kielczewski commented Jun 14, 2022

@baboures what are advantages of using < instead ! ?

For instance - for generate some letters JSFuck use deprecated methods like italics (which can be avoid but produce extremely long code) - are < is free of this?

https://stackoverflow.com/questions/63673610/alternative-way-to-get-c-letter-in-jsfuck

@baboures
Copy link
Author

baboures commented Jun 15, 2022

@kamil-kielczewski < also serves as a bitwise left shift operator <<. See this example: https://github.com/aemkei/jsfuck#numbers

However, I don't think using a left shift operator to generate numbers will lead to a shorter outcome for this specific charset.

4 = ([]<[+[]])<<([]<[+[]])<<([]<[+[]]) (34 chars)
4 = !+[]+!+[]+!+[]+!+[] (19 chars)

8 = ([]<[+[]])<<([]<[+[]])<<([]<[+[]])<<([]<[+[]]) (46 chars)
8 = !+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[]+!+[] (39 chars)

PD: I also considered using the charset [(+=)]:

'false':      '[]==[]',
'true':       '[]==+[]',
'undefined':  '[][[]]',
'NaN':        '+[][[]]',

which is much worse than in the original JSFuck:

'false':      '![]',
'true':       '!![]',
'undefined':  '[][[]]',
'NaN':        '+[![]]',

so, all in all, []()!+ is the optimal charset.

Ultimately, my goal wasn't to beat the original JSFuck charset, but to find new exotic ways of writing JavaScript.
I decided to make a compiler for the charset ([+<]) just because it looks really cool 😎

@kamil-kielczewski
Copy link
Contributor

@baboures new exotic way is ok. However - can you show here how to produce letter C using ([+<]) ? (show intermediate steps and final form which use only ([+<]) )

@baboures
Copy link
Author

baboures commented Jun 23, 2022

@kamil-kielczewski The process is exactly the same as the original JSFuck. In fact, I just made a few changes to aemkei's compiler in order to switch to the ([+<]) charset. I will show step-by-step how to manually produce the letter C for educational purposes, although this is one of the hardest chars.

Show spoiler

C: escape("".italics())[2]

Since escape is a global function (i.e. it is a property of window), we can only get it via Function("return escape")():

Function("return escape")()(("")["italics"]())[2]

Let's start with the easy part: 2 can be rewritten as ([]<[+[]])+([]<[+[]]). So we have:

Function("return escape")()(("")["italics"]())[([]<[+[]])+([]<[+[]])]

Another easy one: the empty string "" alone can be translated into []+[]:

Function("return escape")()(([]+[])["italics"]())[([]<[+[]])+([]<[+[]])]. Now we continue with the letters:

r: (true+"")[1], true is ([]<[+[]]) and 1 is +([]<[+[]]). Also, bear in mind anything+"" is equivalent to anything+[].
r: (([]<[+[]])+[])[+([]<[+[]])]

e: (true+"")[3], 3 is ([]<[+[]])+([]<[+[]])+([]<[+[]]), so:
e: (([]<[+[]])+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]

t: (true+"")[0], 0 is +[], so:
t: (([]<[+[]])+[])[+[]]

u: (undefined+"")[0], undefined is [][[]], so:
u: ([][[]]+[])[+[]]

r: (we already have it)

n: (undefined+"")[1]
n: ([][[]]+[])[+([]<[+[]])]

: (NaN+[]["flat"])[11], NaN is +[[]<[]], 11 is +([]<[+[]])+[+([]<[+[]])], so:
: (+[[]<[]]+[]["flat"])[+([]<[+[]])+[+([]<[+[]])]],

and let's see flat:

f: (false+"")[0], where false is ([]<[])
f: (([]<[])+[])[+[]]

l: (false+"")[2]
l: (([]<[])+[])[([]<[+[]])+([]<[+[]])]

a: (false+"")[1]
a: (([]<[])+[])[+([]<[+[]])]

t: (true+"")[0]
t: (([]<[+[]])+[])[+[]]

So, we have:

flat = f+l+a+t = (([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]

Therefore:

: (+[[]<[]]+[][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]])[+([]<[+[]])+[+([]<[+[]])]]

Now, let's start with the string escape:

e: (we already have it)

s: (false+"")[3]
s: (([]<[])+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]

c: ([]["flat"]+"")[3]
c: ([][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]]+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]

a: (we already have it)

p: (+(211))["to"+String["name"]](31)[1]. Let's start with the numbers:

211: ([]<[+[]])+([]<[+[]])+[+([]<[+[]])]+[+([]<[+[]])]
31: ([]<[+[]])+([]<[+[]])+([]<[+[]])+[+([]<[+[]])]
1: +([]<[+[]])

Now the strings to and name:

t: (([]<[+[]])+[])[+[]] (we already have it)
o: (true+[]["flat"])[10], 10 is +([]<[+[]])+[+[]] and we have the rest so:
o: (([]<[+[]])+[][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]])[+([]<[+[]])+[+[]]]

n: (we already have it)
a: (we already have it)
m: (Number+"")[11], 11 is +([]<[+[]])+[+([]<[+[]])], and we can get the constructor Number with (+[])["constructor"]. We already have all the letters that make up the string constructor:

constructor = c+o+n+s+t+r+u+c+t+o+r = ([][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]]+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]+(([]<[+[]])+[][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]])[+([]<[+[]])+[+[]]]+([][[]]+[])[+([]<[+[]])]+(([]<[])+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]+(([]<[+[]])+[])[+[]]+(([]<[+[]])+[])[+([]<[+[]])]+([][[]]+[])[+[]]+([][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]]+[])[([]<[+[]])+([]<[+[]])+([]<[+[]])]+(([]<[+[]])+[])[+[]]+(([]<[+[]])+[][(([]<[])+[])[+[]]+(([]<[])+[])[([]<[+[]])+([]<[+[]])]+(([]<[])+[])[+([]<[+[]])]+(([]<[+[]])+[])[+[]]])[+([]<[+[]])+[+[]]]+(([]<[+[]])+[])[+([]<[+[]])]

Thus,

m: (Number+"")[11]
m: (Number+"")[+([]<[+[]])+[+([]<[+[]])]]
m: (Number+[])[+([]<[+[]])+[+([]<[+[]])]]
m: ((+[])["constructor"]+[])[+([]<[+[]])+[+([]<[+[]])]]
m

e: (we already have it)

so the letter p looks like this:

p: (+(211))["to"+String["name"]](31)[1]
p

As for the string italics, we have everything except the i.

i: ([false]+undefined)[10]
i: ([false]+undefined)[+([]<[+[]])+[+[]]]
i: ([false]+[][[]])[+([]<[+[]])+[+[]]]
i: ([false]+[][[]])[+([]<[+[]])+[+[]]]
i: ([([]<[])]+[][[]])[+([]<[+[]])+[+[]]]

Finally, the Function constructor can be obtained like this:

Function: []["flat"]["constructor"]
Function

So, putting everything together we get this beast for the character C:



All the pre-compilation mappings can be found in the code.

I hope this is helpful for somebody trying to build their own JSFuck variant or understanding how this variant works... 😅

@kamil-kielczewski
Copy link
Contributor

@baboures thanks for your effort. However may be there is a way to avoid deprecated methods (italics) in shorter way than in js fuck https://stackoverflow.com/a/63850312/860099 (which has ~16kb)

@baboures
Copy link
Author

baboures commented Jun 23, 2022

To keep backward compatibility with older code, I don't think browsers will remove the String#italics in a near future.

@kamil-kielczewski If the decoding is 16k characters long, what is the benefit of your solution over using italics()?

@kamil-kielczewski
Copy link
Contributor

@baboures - safety - if in future they remove this deprecated method - jsf will stop works (that 16kb alternative solve this - however I hope there is better solution)

@baboures
Copy link
Author

baboures commented Jun 24, 2022

@kamil-kielczewski do you consider solutions using escape/unescape? Those functions are not strictly deprecated as per the docs.

@wakfi
Copy link

wakfi commented Jun 24, 2022

I hope there is better solution

I found an approach using Function('return this')()['btoa']('p+m')[1] to produce letter C. The compiler spits out about 9kb when given that string, but when I found it I did it in ~4kb. Would that be a viable alternative? Or is there some reason for avoiding btoa that I'm missing?

For completeness, my 4.3kb solution
([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+![]]])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(([![]]+[])[+[]]+(+[![]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])))[+[+!+[]+[+[]]]]+(+[![]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[]))[+[+!+[]+[+[]]]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+![]]+(!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+![]]+(([![]]+[])[+[]]+(+[![]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])))[+[+!+[]+[+[]]]]+(!![]+[])[+!+[]]]((!![]+[])[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+([][[]]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+!+[]]+(+[![]]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+!+[]]]+(!![]+[])[+[]]+(+(+!+[]+[+[]]+[+!+[]]))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([]+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][[]]+[])[+!+[]]+(![]+[])[+!+[]]+((+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]]](!+[]+!+[]+[+!+[]])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(![]+[])[!+[]+!+[]+!+[]])()[([][(!![]+[])[!+[]+!+[]+!+[]]+([][[]]+[])[+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([![]]+[][[]])[+!+[]+[+[]]]+(!![]+[])[!+[]+!+[]+!+[]]+(![]+[])[!+[]+!+[]+!+[]]]()+[])[!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(![]+[])[+!+[]]]((+(!+[]+!+[]+[+!+[]]+[+!+[]]))[(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([]+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]][([][[]]+[])[+!+[]]+(![]+[])[+!+[]]+((+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]]+(!![]+[])[!+[]+!+[]+!+[]]]](!+[]+!+[]+!+[]+[+!+[]])[+!+[]]+(+(+!+[]+(!+[]+[])[!+[]+!+[]+!+[]]+[+!+[]]+[+[]]+[+[]])+[])[!+[]+!+[]]+((+[])[([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+([][[]]+[])[+!+[]]+(![]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[])[+!+[]]+([][[]]+[])[+[]]+([][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]]+[])[!+[]+!+[]+!+[]]+(!![]+[])[+[]]+(!![]+[][(![]+[])[+[]]+(![]+[])[!+[]+!+[]]+(![]+[])[+!+[]]+(!![]+[])[+[]]])[+!+[]+[+[]]]+(!![]+[])[+!+[]]]+[])[+!+[]+[+!+[]]])[+!+[]]

@kamil-kielczewski
Copy link
Contributor

kamil-kielczewski commented Jun 24, 2022

@wakfi as it was written in this question https://stackoverflow.com/questions/63673610/alternative-way-to-get-c-letter-in-jsfuck - btoa not works on node.js (solution provided there has <1.5kb). @baboures escape/unescape solutions are also discussed in answers in that link

@wakfi
Copy link

wakfi commented Jun 24, 2022

@wakfi as it was written in this question https://stackoverflow.com/questions/63673610/alternative-way-to-get-c-letter-in-jsfuck - btoa not works on node.js

@kamil-kielczewski btoa is supported in nodejs under legacy stability level support. Apparently it was only added (as a global) in nodejs v16 though, I hadn't realized that. It was added (and will be kept) as a measure to improve interoperability between browser JavaScript and NodeJS JavaScript

@kamil-kielczewski
Copy link
Contributor

@wakfi thank you for that info - I will check it

@sofabeddd-old
Copy link

I tried making a version called JSFourk, where instead, you only get the characters []+!. Obviously you can't get as far with it as you can't call methods, but it had some interesting challenges to overcome with it:

In JSFuck you can use parentheses for the order of operations which is very useful. For example if I wanted to get the character f in JSFuck, I could just do this:

(![]+[])[+[]] // f

but without the use of parentheses, it adds a whole new aspect. The way to get around this is to simply put your expression into an array and select the first item from that array, like this:

[ /* expression */ ][+[]]

so the letter f in JSFourk would be this:

[![]+[]][+[]][+[]] // f

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants