Reverse engineering GoDaddy's tracking script

CapacitorSet · on Jan 16, 2019

  void 0 !== b &&
      //node testability hack
      (b.tcg = c);

>I'll be blunt, I can't work out what this does, but I don't believe it's significant in the browser. If a node person wants to add input here, please do.

I don't know if OP is reading this thread, but this is a minified and then beautified version of `if (b !== undefined) b.tcg = c`.

typicalbender · on Jan 16, 2019

This stack overflow[1] post goes into some more detail about why specifically that syntax.

tl;dr is that you can actually redefine the keyword `undefined` since its actually a global property and not reserved. void 0 will always return you the true value of undefined so it will work in all cases regardless of external shenanigans. Pretty neat.

[1] https://stackoverflow.com/questions/7452341/what-does-void-0...

saagarjha · on Jan 16, 2019

> you can actually redefine the keyword `undefined` since its actually a global property and not reserved

This is horrible :(

olliej · on Jan 17, 2019

Undefined on the global object has been read only since es3.1 I think.

However you can still declare variables named undefined that get their own storage and so can have any value. Originally “undefined” didn’t exist in the global scope so many sites had “var undefined” or function f(..., undefined){..} to get a reference to the value.

philpem · on Jan 16, 2019

Nice little teardown. It's interesting seeing this written in a way which could just as easily be used as a stepping-stone to analyse other tracking scripts.

I always wondered how people figured out what minified scripts did.

Dirlewanger · on Jan 16, 2019

Personally I think it's a bit of a stretch to call expanding minified JS and renaming functions/variables "reverse engineering". Everything is still there in its original form.

barbecue_sauce · on Jan 16, 2019

Ehh, its pretty conceptually similar to the workflow of using Ida or radare2. Not as complex as binary RE, but there is some (minimal) obfuscation involved.

jstarfish · on Jan 16, 2019

Reverse engineering has always had some sort of black box element to it.

Call it deobfuscation, code translation or simply reading, but calling parsing of Javascript reverse engineering is just title inflation.

saagarjha · on Jan 16, 2019

As the parent comment said, this is reverse engineering just as looking at binaries is reverse engineering. This is actually quite similar to naming variables and functions in a decompiled C view.

daef · on Jan 16, 2019

...waiting >5secs for white to disappear - now that I know that this results from amp I don't bother waiting anymore. f#(% amp.

Cthulhu_ · on Jan 16, 2019

That was mentioned in another post; there's a fallback "graceful appear" css animation, to prevent pop-in; normally the AMP JS will do this appear animation, but script / tracking blockers block the AMP javascript, thus the fallback causes a poor UX.