Questions tagged [deobfuscation]

Figuring out how a program works when that program has been deliberately made difficult to understand

Deobfuscation is the reverse process of obfuscation. It means figuring out how a program works when that program has been deliberately made difficult to understand.

Deobfuscation is related to reverse engineering. If the question is about reverse engineering rather than programming, then posting on the Reverse Engineering site should be considered instead.

Do not use this tag merely to indicate that you don't understand how a program works: use it only when the program was made obfuscated on purpose.

392 questions

3 votes, 2 answers

Retrace for DexGuard

I use DexGuard for obfuscation. I have the stack trace from crash log and the mapping file. When I run retrace.bat, giving it the stack trace and the mapping file, the output is still in the obfuscated format.
Juuso Ohtonen

3 votes, 2 answers

Very interesting Javascript Obfuscation. Help understanding it

I found out one of my sites was hacked, and upon investigation, I looked at a JavaScript file that was uploaded and I couldn't believe that it actually served a purpose due to the insane obfuscation. I'm so intrigued with it that I need to know how…

3 votes, 0 answers

Linux based virus / malware source code in C

I am working on project of metamorphic code generator. In order to test this project I need some virus source codes in C. Since I have developed this tool on Linux. I need virus codes which are Linux based. Are there any good links from where I can…

3 votes, 3 answers

Deobfuscating some PHP code

I'm trying to deobfuscate this PHP code:
ccamacho

3 votes, 3 answers

How to deobfuscate jar file

Is there any open source tool for deobfuscation? Not able to read the decompiled files; it's showing class/method as A/B/C etc.
user1654637

2 votes, 2 answers

Please suggest good blog, article or doc on reverse engineering obfuscated code

As I explained in one of my previous topics, I lost my hard disk with dozens of apps (all last year's work) and now I have to reverse engineer all of them. Some older were RI-ed easily because their code was not obfuscated. However, all newer apps…
sandalone

2 votes, 3 answers

identify this JavaScript?

I inherited a project that includes the following crazy JavaScript. I assume this is the result of running the original code through a minifier/obfuscator, and wasn't actually written like this. It appears that the original code was the JCarousel…
Dónal

2 votes, 0 answers

Python deobfuscation tzlibtbase64t - base64 with / and +

I would like to verify that a script is running what it claims. The target script (tracker.py) seems to be obfuscated with this other script (also obfuscated) using marshal, zlib, base64, base32 and base16 because it's mentioned in the comments of…
ibitebyt3s

2 votes, 3 answers

Decompiling PYC files for python 3.9.2

Currently, I have a PYC file for the 3.9.2 version of python (P.S: This applies to all versions 3.9 and above). I'm trying to decompile the PYC file but it is showing an error as uncompyle6 (or rather, the newer version, decompyle3) is not…
user15154281

2 votes, 1 answer

Cannot find deobfuscation file upload in new Google Play console

For some reason, I cannot find the page in the new Google play console where I used to upload deobfuscation files for android applications. If you know where to find it, please let us know. Thanks
user4617883

2 votes, 2 answers

Is there any way to decode this malware code from infected file?

I'm trying to decode these lines below inside "" , WriteBytes objFile, "5 240 23 65 0 68 210 237 0 136 29 26 60 65 203 232 214 76 0 0 104 224 218 64 255 232 216 164 0 0 131 196 4 83 28 35 104 76 64 65 0 203 252 252 0 0 139 85 12 139" WriteBytes…

2 votes, 1 answer

How to read lambdas in android / R8 stack trace de-obfuscated with retrace.jar?

Specifically, lines similar to: .-$$Lambda$$TBpBoCodhQrLRrW-jmx762QZ0VY.run(Unknown Source:2) and were obviously replaced. Perhaps there are some options to R8 to preserve pertinent information?
GrzegDev

2 votes, 1 answer

How can I find library versions of an Android application?

I'm pretty new on Android and I'm trying to understand the file system. I downloaded the apk file of an Android application and decoded it with apktool. Where is an android application listed versions of libraries? What's the easy way to find…
Nozoom

2 votes, 1 answer

Parenthesis calculator for C/C++ expressions operator precedence

After porting some obfuscated C code into C++ (namely Fairy-Max chess engine by Harm Geert Muller), I get lots of warnings similar to these: suggest parentheses around comparison in operand of '&' [-Werror=parentheses] suggest parentheses around…
Andriy Makukha

2 votes, 1 answer

Is this deep obfuscation? Cannot understand the meaning of it

Given the following script: É = -~-~[], ó = -~É, Ë = É << É, þ = Ë + ~[]; Ì = (ó - ó)[Û = ('' + {})[É + ó] + ('' + {})[ó - É] + ([].ó + '')[ó - É] + (!!'' + '')[ó] + ({} + '')[ó + ó] + (!'' + '')[ó - É] + (!'' + '')[É] + ('' + {})[É + ó] + ({} +…
Ava Barbilla