Updated How to obfuscate JavaScript in Metasploit (markdown)

How-to-obfuscate-JavaScript-in-Metasploit.md

@@ -125,7 +125,7 @@ puts html
 
 ## The JSObfu class
 
-The JSObfu class is like ObfuscateJS' cousin, so it shares some similar obfuscation characteristics. The main difference is that it uses [rkelly](https://rubygems.org/gems/rkelly) (a ruby-based JavaScript parser) for smarter code mutation. You no longer have to manually specify what symbol names to change, it just knows.
+The JSObfu class used to be ObfuscateJS' cousin, but it has been completely rewritten. Most of its obfuscation power comes from [rkelly](https://rubygems.org/gems/rkelly) (a ruby-based JavaScript parser), and it is actually a gem. The obfuscation is more complex and you can actually tell it to obfuscate multiple times. You also no longer have to manually specify what symbol names to change, it just knows.
 
 Let's get back to irb again to demonstrate how easy it is to use JSObfu:
 
@@ -149,8 +149,7 @@ This time we'll do a "hello world" example:
 And here's the output:
 
 ```
->> puts js
-alert(String.fromCharCode(104,0145,108,0x6c,0157,44,0x20,0x77,0x6f,0x72,0154,0x64,041));
+window[(function () { var _d="t",y="ler",N="a"; return N+y+_d })()]((function () { var f='d!',B='orl',Q2='h',m='ello, w'; return Q2+m+B+f })());
 ```
 
 Like ObfuscateJS, if you need to get the randomized version of a symbol name, you can still do that. We'll demonstrate this with the following example:
@@ -166,24 +165,28 @@ Like ObfuscateJS, if you need to get the randomized version of a symbol name, yo
 Say we want to know the randomized version of the method name "test":
 
 ```ruby
->> puts js.sym('test')
-kMDXP9YNGDV
+>> puts js.sym("test")
+_
 ```
 
 OK, double check right quick:
 
 ```
 >> puts js
-function kMDXP9YNGDV() {
-  alert(String.fromCharCode(0150,101,0154,108,111));
-}
+>> puts js
+function _(){window[(function () { var N="t",r="r",i="ale"; return i+r+N })()](String.fromCharCode(0150,0x65,0154,0x6c,0x6f));}
 ```
 
 Yup, that looks good to me.
 
-## Breakage
+And finally, let's try to obfuscate a few times to see how that goes:
 
-Please note that when you use obfuscation, occasionally it is possible to make the exploit a little bit less reliable. Because of this, many of the official Metasploit modules don't have obfuscation enabled by default, usually it's a datastore option.
+```
+>> js = ::Rex::Exploitation::JSObfu.new %Q|alert('hello, world!');|
+=> alert('hello, world!');
+>> js.obfuscate(:iterations=>3)
+=> window[String[((function(){var s=(function () { var r="e"; return r })(),Q=(function () { var I="d",dG="o"; return dG+I })(),c=String.fromCharCode(0x66,114),w=(function () { var i="C",v="r",f="omCh",j="a"; return f+j+v+i })();return c+w+Q+s;})())](('Urx'.length*((0x1*(01*(1*020+5)+1)+3)*'u'.length+('SGgdrAJ'.length-7))+(('Iac'.length*'XLR'.length+2)*'qm'.length+0)),(('l'.length*((function () { var vZ='k'; return vZ })()[((function () { var E="h",t="t",O="leng"; return O+t+E })())]*(0x12*1+0)+'xE'.length)+'h'.length)*(function () { var Z='uA',J='tR',D='x'; return D+J+Z })()[((function () { var m="th",o="g",U="l",Y="en"; return U+Y+o+m })())]+'lLc'.length),('mQ'.length*(02*023+2)+('Tt'.length*'OEzGiMVf'.length+5)),(String.fromCharCode(0x48,0131)[((function () { var i="gth",r="len"; return r+i })())]*('E'.length*0x21+19)+(0x1*'XlhgGJ'.length+4)),(String.fromCharCode(0x69)[((function () { var L="th",Q="n",$="l",I="g",x="e"; return $+x+Q+I+L })())]*('QC'.length*0x2b+3)+(01*26+1)))]((function(){var C=String[((function () { var w="rCode",j="mCha",A="fr",B="o"; return A+B+j+w })())]((6*0x10+15),('riHey'.length*('NHnex'.length*0x4+2)+4),(01*95+13),(1*('Z'.length*(0x1*(01*(0x3*6+5)+1)+18)+12)+46),(0x1*(01*013+6)+16)),JQ=String[((function () { var NO="ode",T="rC",HT="fromCha"; return HT+T+NO })())](('J'.length*0x54+17),(0x2*051+26),('TFJAGR'.length*('ymYaSJtR'.length*'gv'.length+0)+12),(01*0155+2),(0xe*'FBc'.length+2),(0x1*22+10),(3*(01*043+1)+11)),g=(function(){var N=(function () { var s='h'; return s })();return N;})();return g+JQ+C;})());
+```
 
 ## Reference(s)