A naukri.com initiative
Dev
7d
395
Image Credit: Dev
TikTok Virtual Machine Reverse Engineering
- The TikTok Virtual Machine (VM) is reverse engineered in this project, focusing on deobfuscating the webmssdk.js file and decrypting its bytecode.
- The VM uses heavy obfuscation techniques like bracket notation indexing and function call disguising, making the code difficult to read.
- By deobfuscating the script and decrypting the XORed bytecode, the functionality of the VM is revealed, showing a sophisticated structure with scopes and nested functions.
- Virtual Machine decompiling involves writing appropriate code for each bytecode instruction, allowing for a form of decompilation to understand the VM's operations.
- Debugging the deobfuscated file involves replacing the original webmssdk.js with the deobfuscated version, enabling normal TikTok usage for testing and analysis.
- Reverse engineering also allows for generating signed URLs for performing authentication-based requests, utilizing functions like VM86, VM113, and VM189 for different headers.
- Special attention is given to understanding the functions of X-Bogus and _signature headers in requests and developing a signer tool for signing URLs appropriately.
- The reverse engineering process uncovers various obfuscation techniques used in the TikTok VM and provides insights into its evolving nature, necessitating ongoing decompilation efforts with each release.
Read Full Article
23 Likes
For uninterrupted reading, download the app