渗透测试之Webpack打包Vue源码还原

1. 找到源码的map文件，然后下载

2. 使用npm 安装reverse-sourcemap

npm install --global reverse-sourcemap

3. 进行还原操作

╰─ reverse-sourcemap --help
reverse-sourcemap - Reverse engineering JavaScript and CSS sources from sourcemaps
Usage: reverse-sourcemap [options] <file|directory>

-h, --help Help and usage instructions
-V, --version Version number
-v, --verbose Verbose output, will print which file is currently being processed
-o, --output-dir String Output directory - default: .
-M, --match String Regular expression for matching and filtering files - default: \.map$
-r, --recursive Recursively search matching files

╰─ reverse-sourcemap --output-dir ./xxx  app.1c489f3ee0a84d6f8c46.js.map
reverse-sourcemap - Reverse engineering JavaScript and CSS sources from sourcemaps

 分析源码，找到利用的接口

参考：

https://www.npmjs.com/package/reverse-sourcemap

https://yukaii.tw/blog/2017/02/21/restore-source-code-from-sourcemap-file/

https://yukaii.tw/blog/2017/02/21/restore-source-code-from-sourcemap-file/

https://www.npmjs.com/package/restore-source-tree

https://www.npmjs.com/package/reverse-sourcemap

FROM https://www.cnblogs.com/hack404/p/12509359.html