Stack Overflow
Stack Overflow

Questions tagged [deobfuscation]

Figuring out how a program works when that program has been deliberately made difficult to understand

Deobfuscation is the reverse process of . It means figuring out how a program works when that program has been deliberately made difficult to understand.

Deobfuscation is related to . If the question is about reverse engineering rather than programming then posting on the Reverse Engineering site should be considered instead.

Do not use this tag merely to indicate that you don't understand how a program works: use it only when the program was made obfuscated on purpose.

External links

392 questions
5
votes
1 answer

Alternative to Eclipse's Abstract Syntax Tree parser for code manipulation

Background I am writing a program that will do some bulk renaming of members and functions in a directory of java source code to de-obfuscate the code based on a look-up table .csv file passed in to the program. What this is for is the source code…
Scott Chamberlain
  • 124,994
  • 33
  • 282
  • 431
5
votes
2 answers

I need a Javascript literal syntax converter/deobfuscation tools

I have searched Google for a converter but I did not find anything. Is there any tools available or I must make one to decode my obfuscated JavaScript code ? I presume there is such a tool but I'm not searching Google with the right keywords. The…
Francois Valiquette
  • 253
  • 1
  • 2
  • 5
5
votes
1 answer

obfuscated javascript code

I have encountered some java script code which I believe is malicious but most of it is obfuscated. I was wondering if someone could help me figure out what this code actually does. eval(unescape('function n48ec61ae(s) { var r = ""; var tmp…
njvb
  • 1,377
  • 3
  • 18
  • 36
5
votes
7 answers

How would you reverse engineer this?

I've got some code that was at the bottom of a php file that is in javascript. It goes through lots of weird contortions like converting hex to ascii then doing regex replacements, executing code and so on... Is there any way to find out what it's…
GeoffreyF67
  • 11,061
  • 11
  • 46
  • 56
5
votes
4 answers

How to defeat deobfuscation of obfuscated javascript code?

This is a generic question I've seen javascript on some websites which is obfuscated When you try to deobfuscate the code using standard deobfuscators (deobfuscatejavascript.com, jsnice.org and jsbeautifier.org) , the code is not easily…
Sai Reddy
  • 53
  • 1
  • 4
5
votes
1 answer

Strange BASIC math formula

I like converting old BASIC games - I ran across one that had this odd formula. Currently I am writing in Pascal, but I can write it in any language. After rummaging through the code, I could not find if this var in use, but still would like to know…
Klyxmaster
  • 53
  • 2
5
votes
1 answer

How do you interpret a deobfuscated Android crash report?

I downloaded a crash report from my app's Google Play admin area, ran it through retrace.sh to deobfuscate the Proguard mapping, and it produced the output below. Questions: What is Unknown Source? showHeader, showPhoto, etc. are indeed methods in…
Steveo
  • 2,238
  • 1
  • 21
  • 34
5
votes
1 answer

Constant folding in the preprocessing stage

I have a piece of C code I need to deobfuscate. It contains a bunch of tricky macros. I ran the code through C preprocessor and indent and now it looks similar to this: switch (9263 + 1505) { case 1505 + 41131 + 6729 + 2347: ... case…
Pavel Zaichenkov
  • 835
  • 5
  • 12
5
votes
6 answers

how to protect .NET executable from de4dot or similar tools?

I have tried obfuscation with following obfuscators but none is successful against de40 tool [https://bitbucket.org/0xd4d/de4dot/] It's really painful to see how easy this is.. just drag the obfuscated .net exe on de4dot.exe and you will get the…
Shivraj
  • 263
  • 1
  • 2
  • 8
5
votes
2 answers

Java Code Security

Possible Duplicate: Do you obfuscate your commercial Java code? Is there any way other then obfuscation to protect jars from being opened by someone else? The thing is that I don't want anyone to access the code, which is why I don't prefer Java.…
user1870398
5
votes
2 answers

Why this obfuscated code is malicious in JavaScript?

A friend of mine's site was being listed as malicious, and we found some obfuscated code that had been injected into his index.php without him knowing. I deobfuscated the code down two levels and found this: (code can be viewed in the edit…
Nathan F.
  • 3,250
  • 3
  • 35
  • 69
4
votes
1 answer

What does this obfuscated bash/perl code do?

I've just found this code in a comment on a blog. #!/bin/perl -sp0777i
Samizdis
  • 1,591
  • 1
  • 17
  • 33
4
votes
1 answer

Keeping all strings JNI android to protect from reverse engineering?

This is how i am keeping strings in JNI extern "C" JNIEXPORT jstring JNICALL Java_com_galaxy_mars_moon_MainActivity_getDefaultNegative(JNIEnv* env, jobject) { std::string defaultNegative = "Cancel"; return…
Rushikant Pawar
  • 428
  • 1
  • 5
  • 14
4
votes
4 answers

Deobfuscate production Android errors via uploading proguard rules mapping file to google play console

Suddenly my released app crashed while opening just after installing the app from play-store. But problem is that when I am running the code in Android Studio in debug mode app does not crash. When I looked for crash error on google play console I…
WitVault
  • 23,445
  • 19
  • 103
  • 133
4
votes
1 answer

Get deobfuscated typescript callstack from obfuscated javascript code

Problem: I have log files from a server, which contain the callstacks from the thrown error, that triggered the creation of this log file. The server application is written in typescript with nodejs but gest transpiled to javascript, and the the…
Lukas.Kurz
  • 43
  • 3
1 2 3
26 27