Stack Overflow
Stack Overflow

Questions tagged [deobfuscation]

Figuring out how a program works when that program has been deliberately made difficult to understand

Deobfuscation is the reverse process of . It means figuring out how a program works when that program has been deliberately made difficult to understand.

Deobfuscation is related to . If the question is about reverse engineering rather than programming then posting on the Reverse Engineering site should be considered instead.

Do not use this tag merely to indicate that you don't understand how a program works: use it only when the program was made obfuscated on purpose.

External links

392 questions
12
votes
1 answer

Deobfuscation of minified JS with source maps

Can source maps help to deobfuscate the code that was previously minified with Closure/Uglifyjs? Are there real obstacles in how source maps work, or is it not there just because nobody cared about it? I'm not quite sure if it may work in a similar…
Estus Flask
  • 206,104
  • 70
  • 425
  • 565
12
votes
2 answers

Why does the 1987 Korn oneliner print unix?

OK, I will bite. An answer to the massively popular Why does the C preprocessor interpret the word "linux" as the constant "1"? question mentions that main() { printf(&unix["\021%six\012\0"],(unix)["have"]+"fun"-0x60);}` prints "unix", but for…
chx
  • 11,270
  • 7
  • 55
  • 129
11
votes
3 answers

Unity android build symbols.zip file too big

I have started publishing my app to the Android play store and need to upload a symbols.zip file to de-obfuscate my crash reports. When I build my app in Unity 2020.1.0f1 ( had the same problem in the previous version) the app bundle(aab) is about…
Manie Besselaar
  • 542
  • 4
  • 11
11
votes
6 answers

(2009) - Tool to deobfuscate Java codes

Is there a tool to deobfuscate java obfuscated codes? The codes is extracted from a compiled class but they are obfuscated and non-readable.
Salar
  • 495
  • 3
  • 6
  • 14
10
votes
4 answers

How to "decode" some obfuscated JavaScript in HTML?

Here is one example: eval(function(p,a,c,k,e,d){e=function(c){return(c35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return…
DocWiki
  • 3,488
  • 10
  • 39
  • 49
10
votes
2 answers

wordpress hacked: what does this script actually do?

I maintain three wordpress blogs, and yesterday-morning, they were all hacked. Inside all my index.php the first line looked as follows:
nathanvda
  • 49,707
  • 13
  • 117
  • 139
9
votes
4 answers

IOCCC 1984/decot.c - can it be compiled in the 21st century?

This fascinating piece of code was featured in the very first (1984) edition of the International Obfuscated C Code Contest: http://www.ioccc.org/years.html#1984 (decot) After clearing through the debris of preprocessor abuse and unused code caused…
ChemicalDruid
  • 165
  • 5
9
votes
1 answer

How to deobfuscate R8 Stack traces?

I have an app and it crashes just like every good app should! A little while ago, the Android build tools started using R8 instead of Proguard. It worked and it sped up my build, so I left it alone. Then came an exception stack trace that I had to…
copolii
  • 14,208
  • 10
  • 51
  • 80
9
votes
0 answers

Dev has vanished all i have left is a .pyt file how do I see source code?

Is there anyway to get source code back from a .pyt file? when I try to open all i get is a bunch of symbols. I had an .exe file then converted files to .pyc but the main source code seems to be in .pyt although this is me assuming as the file name…
zZehix
  • 109
  • 1
9
votes
1 answer

How does this Perl code work?

I found this Perl program: ''=~('(?{'.(']])@+}'^'-/@._]').'"'.('/<[*-_<+>?}{>]@}+@}]])@+}@<[*-_<+>?}{>]@^'^'`^=_^<]_[[]+[/,]_/]-/@._]/^=_^<]_[[]+[/,|').',$/})') It prints "Obfuscated Perl to print obfuscated Perl" I want to know how it actually…
Umair Ayub
  • 19,358
  • 14
  • 72
  • 146
9
votes
1 answer

Fancy file slurping in Perl

I was looking into efficient ways to read files in Perl and came across this very interesting one liner: my $text = do { local (@ARGV, $/) = $file; <> }; My question is: How exactly does this work? Normally when slurping a file you set $/ = undef,…
tjwrona1992
  • 8,614
  • 8
  • 35
  • 98
9
votes
3 answers

Replace array-mapped variables with the actual variable name/string?

I am trying to edit a Greasemonkey/jQuery script. I can't post the link here. The code is obfuscated and compressed with minify. It starts like this: var _0x21e9 = ["\x67\x65\x74\x4D\x6F\x6E\x74\x68", "\x67\x65\x74\x55\x54\x43\x44\x61\x74\x65",…
nex
  • 93
  • 1
  • 4
9
votes
3 answers

Found codes left by hacker but don't understand what it does

I found a line of script left by the hacker in one of my PHP files. And it reads like this: Can anyone please give some hints about what this line of code does? Thank you
user2926814
  • 145
  • 6
8
votes
2 answers

Google Play Dev Console showing Class and Method names in Stacktrace

I have an app with Proguard enabled (minifyenabled true) and recently got a crash report in the Google Play Dev Console. When I looked at it, I saw the following: I was surprised to see the full class and method names in line 1, as Proguard is…
Zippy
  • 3,826
  • 5
  • 43
  • 96
8
votes
2 answers

How to deobfuscate jar file using mapping.txt generated by Proguard?

This may sound suspicious, but I need to deobfuscate my own app. Some time ago I published my app that I obfuscated with Proguard. Unfortunately I did not save that version of the app and changed the code a lot. Now I need the code of that older…
user2758776
  • 421
  • 1
  • 5
  • 15
1
2
3
26 27