Stack Overflow
Stack Overflow

Questions tagged [deobfuscation]

Figuring out how a program works when that program has been deliberately made difficult to understand

Deobfuscation is the reverse process of . It means figuring out how a program works when that program has been deliberately made difficult to understand.

Deobfuscation is related to . If the question is about reverse engineering rather than programming then posting on the Reverse Engineering site should be considered instead.

Do not use this tag merely to indicate that you don't understand how a program works: use it only when the program was made obfuscated on purpose.

External links

392 questions
2
votes
0 answers

ProGuard's ReTrace/Crashlytics doesn't deobfuscate crashes correctly

we have the problem with correct deobfuscation on Crashlytics but we suspect that it could be the issue of correct translation of stacktraces from Model class with our mapping file by Proguard. We prepared small application with MainActivity…
Cerviany
  • 49
  • 4
2
votes
1 answer

Play Console deobfuscation deosn't work

I've added an update to one of my apps and started to receive crashes. I've added mapping.txt to Play Console to get the deobfuscated stack trace, but it didn't make any influence. I still receive the same crashes that are obfuscated, and the Play…
Dmitry Smolyaninov
  • 2,159
  • 1
  • 18
  • 32
2
votes
0 answers

Javascript function output (deobfuscation)

I have come across this code in a web page from a CTF game: function conexion() { var Password = "unescape(String.fromCharCode%2880%2C%20108%2C%2097%2C%20110%29):KZQWYZLOMNUWC===": for (i = 0; i < Password.length; i++) { if…
John Javascript
  • 29
  • 2
2
votes
1 answer

Unknown PHP obfuscation technique

I've come accross a piece of code using various techniques of obfuscation and, mostly driven by curiosity, have been trying to understand the techniques it uses. I've done some work on it, but i'm at a point where I don't understand fully what it's…
Quentin Le Caignec
  • 95
  • 1
  • 8
2
votes
2 answers

Encoded JavaScript: How to decode?

I recently bought a script from a guy that isn't replying anymore, and left me with the script obfuscated and not working. The thing is that everything works except the encoded part, which gives error. I've tried every website on google to…
unkn0wnx
  • 137
  • 3
  • 14
2
votes
0 answers

How to break an XOR cipher

My friend's server was recently hacked and I'm trying to decipher the malicious files I found in hopes of understanding the hack better. I can tell that they're using an XOR cipher and I've tried to learn everything I could about that on my own, but…
Beau
  • 1,771
  • 1
  • 15
  • 20
2
votes
2 answers

How to Deobfuscation Lua Script?

local script= string.dump( function() print('Hi') end ) buff="" for v=1,string.len(script) do buff=buff..'\\'..string.byte(script,v) end print(buff) script turns into byte code, any idea how to reverse it?
Sutenzzor
  • 29
  • 1
  • 2
2
votes
1 answer

JavaScript array deobfuscation

Solved: Replace array-mapped variables with the actual variable name/string? I'm trying to decode some JS and I've got a good portion of it done, however, I'm stumped here. The code does something like this: var arr = ["value", "value1",…
Eli Richardson
  • 934
  • 7
  • 25
2
votes
0 answers

How to reverse an ELF compiled in Android NDK with OLLVM obfuscation

I got an Android root exploit from a malicious apk. But all the functions in the ELF are striped and I find it was compiled with OLLVM(https://github.com/obfuscator-llvm/obfuscator).How can I figure out what vulnerability it expoloit. Anyone has…
D.Yu
  • 21
  • 2
2
votes
1 answer

Why I am getting obfuscated code in logs even after uploading mapping.txt on Firebase Crash Report?

I am using Firebase crash reporting into my android app. I am using Proguard to obfuscate my app. I have uploaded mapping.txt file generated after building release apk, to the Firebase Crash reporting, but I am still getting some Obfuscated code,…
vijay053
  • 822
  • 3
  • 18
  • 36
2
votes
2 answers

Java deobfuscator supporting variable renaming?

I'm trying to reverse engineering a .jar file (basically a group of .class files). However, there are two difficulties: Some of the variables, methods and classes are named with unicode characters, which cannot be properly displayed. This makes…
Cyker
  • 9,946
  • 8
  • 65
  • 93
2
votes
1 answer

Methods for de-obfuscating javascript that uses string concatenation for property names

I am trying to puzzle out a way to de-obfuscate javascript that looks like this: https://jsfiddle.net/douglasg14b/4951br9f/2/ var testString = 'Test | String' var wf6 = { fq4: 'su', k8d: 'bs', l8z: 'tri', cy1: 'ng', t5j: 'te', ol:…
Douglas Gaskell
  • 9,017
  • 9
  • 71
  • 128
2
votes
1 answer

Decompiling obfuscated Android dex/jar files into Java source code

Are there ways to decompile obfuscated dex/jar files into Java source code? I have an APK with no classes.dex file within it, but I have the odex file. I've tried using oat2dex and dex2jar to get the dex/jar files, and then used a few decompilers to…
user1118764
  • 9,255
  • 18
  • 61
  • 113
2
votes
1 answer

Python regex groupdict returns single characters instead of strings for groups

I'm running up against a really confusing issue with Regex matching in Python. I have a pair of regex patterns that work fine in debugging tools such as regex101: [Hex&Oct matching Pattern] (Code in testing window is the same as the file contents…
Minothor
  • 316
  • 4
  • 15
2
votes
1 answer

Any JavaScript obfuscators that don't use eval in the produced obfuscated code?

I am looking for a JavaScript obfuscator tool that doesn't use eval in resulted obfuscated code. All the tools I've seen so far use eval in resulted code.
Arshdeep
  • 4,281
  • 7
  • 31
  • 46
1 2 3
26 27