from http://tirania.org/blog/archive/2007/Nov-16-1.html
the how-to follows, but I recommend to read the article..
If .. you want to prepare for your interview at Google, Jeff Walden suggests a hard-core approach:
…SpiderMonkey, Mozilla’s C JavaScript engine, … includes a decompiler which translates from SpiderMonkey bytecode to JavaScript (most people only use it the other way around). You can see it at work any time you convert a function to a string. … SpiderMonkey … decompiles the bytecode back to a JavaScript string representing the function as exactly as possible, while … formatting the decompiled source to be reasonably readable.
How … to reformat obfuscated source?
First, you get a copy of SpiderMonkey:
export CVSROOT=:pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot
cvs co mozilla/js/src
cd mozilla/js/src
make -f Makefile.ref clean && make -f Makefile.ref # work around broken dependency system
./Linux_All_DBG.OBJ/js # to run the interpreter
Next, you dump the JS code you want to reformat into a function, and you have SpiderMonkey pretty-print it:
echo “function container() {” > obfuscated.js
cat file-to-clean-up.js >> obfuscated.js
echo “} print(container.toString());” >> obfuscated.js
path/to/js -f obfuscated.js
SpiderMonkey will then print the container function’s string representation, adjusting indentation and such to create a readable, if still name-obfuscated, version.
A couple things to know about this: first, SpiderMonkey doesn’t pretty-print functions found in expression context:
(function() {
print(“this won’t get cleaned up”);
})();
call_method(function() {
print(“this will probably be crunched to one line”);
print(“not pretty-printed”);
});
These examples are converted (once stripped of the containing function) to:
(function () {print(“this won’t get cleaned up”);}());
call_method(function () {print(“this will probably be crunched to one line”);print(“not pretty-printed”);});