deobfuscation

Obfuscated code contains same member variable names

↘锁芯ラ 提交于 2019-12-13 02:07:21
问题 I have an obfuscated jar which is part of a deployed application in Tomcat on my machine. The jar consists of some weird code with same variable names. I used jshrink in order to decompile the code. static private org.apache.commons.logging.Log a; private org.springframework.context.MessageSource a; private org.springframework.context.support.MessageSourceAccessor a; static private LicenseBean a; static private ThreadLocal a; private javax.servlet.ServletContext a; private String a; public

Obfuscate decimal(6,2) number using T-SQL

微笑、不失礼 提交于 2019-12-12 03:06:34
问题 How can I effectively obfuscate numbers from range 0.00 ~ 9999.99 like 11.68 6.84 7.99 7.00 so that small difference in values of similarily-sized numbers is not immediately visible? I thought about splitting each number into integer and decimal part and use them as coordinates (e.g. 11.68 → (11, 68) ) and converting them to polar coords, which is nice, but I still need two values to store them. Do you know some nice tranformation of decimal(6,2) into another single number (can be like float

Locate obfuscated function

主宰稳场 提交于 2019-12-11 11:37:34
问题 I am trying to reverse engineer a website which has a function for decoding an encoded string. The function gets called in one of the inlined scripts: <script type='text/javascript'> var str = dec("BHUJLOUBHUNK"); </script> I am not successful at finding out where actual function dec resides even though I have full source. I am suspecting the function is hidden somewhere in the following scripts (but I could be wrong): <script type="text/javascript">var _0xb557=["\x6B\x65\x79","\x4A\x30\x2B

Preventing reverse engineering with binary code and secret key

喜你入骨 提交于 2019-12-09 20:57:53
问题 I am working on a software program that has to be deployed on private cloud server of a client, who has root access. I can communicate with the software through a secure port. I want to prevent client from reverse engineering my program, or at least make it "hard enough". Below is my approach: Write code in Go and compile the software into binary code (may be with obfuscation) Make sure that program can only be initiated with secret key that can be sent through the secure port. The secret key

How can I generate all ordered combinations of length k in Perl?

筅森魡賤 提交于 2019-12-09 19:24:13
问题 I need a subroutine that, given a set of characters, will generate all possible combinations of those characters of length k. Order matters and reuse is allowed, so if k = 2 then AB != BA and AA is an option. I found some working examples on PerlMonks, but unfortunately they are code golf and not easy for me to wrap my mind around. Can someone please do one or more of the following? Give a breakdown and explanation of how the first algorithm works. De-obfuscate the code so that the meaning is

What does this perl line from a “bleached” file do?

生来就可爱ヽ(ⅴ<●) 提交于 2019-12-08 18:11:55
问题 I have some perl files which have been "bleached" (don't know if it was from ACME::Bleach, or something similar). Not being very fluent in perl, I'd like to understand what the one-liner that starts the file does to decode the whitespace that follows: $_=<<'';y;\r\n;;d;$_=pack'b*',$_;$_=eval;$@&&die$@;$_ The rest of the file is whitespace characters, and the file is executable by itself (it's placed in a /bin directory). [Solution], thanks to @JB. The pack portion of this seems the most

Dotfuscator : Error after obfuscation

时光怂恿深爱的人放手 提交于 2019-12-08 07:21:13
问题 I am using dotfuscator to obfuscate my vb.net application(myapp.exe). But i am getting error while running the obfuscated file. Below is the error when i open the exe which is obfuscated. "The settings property 'Import' was not found. ImportSetting" My application uses .config(myapp.exe.config) file which has setting like below <userSettings> <myapp.My.MySettings> <setting name="Import" serializeAs="String"> <value>True</value> </setting> </myapp.My.MySettings> </userSettings> If i don't

Operators and quote precedence in obfuscated cmd

混江龙づ霸主 提交于 2019-12-08 04:17:55
问题 Im having trouble understanding how this will evaluate, it comes from a piece of malware I'm dissecting, so beware. I've removed the ascii giberish and the integers in the foor loop which is likely to have the malicious instructions. So it should be fine, I can provide it if need be. If i strip down the code the most my basic understanding allows, it is trying to pass this: cmd.exe /c CmD /V/C"set foo=ASCIIgibberish bazz=moreASCIIgibberish&&for %f in (BunchOfIntegers)do set bar=!bar!!foo:~%f

Parenthesis calculator for C/C++ expressions operator precedence

三世轮回 提交于 2019-12-06 07:44:06
After porting some obfuscated C code into C++ (namely Fairy-Max chess engine by Harm Geert Muller), I get lots of warnings similar to these: suggest parentheses around comparison in operand of '&' [-Werror=parentheses] suggest parentheses around '+' in operand of '&' While turning off the warnings is not an option, the solution is to add parenthesis in expressions according to the operator precedence . For example: if(z&S&&!ab&K==INF&d>2&v>V&v<Beta){ needs to be transformed into this: if((z&S) && ((!ab)&(K==INF)&(d>2)&(v>V)&(v<Beta))) { But doing this manually is quite time-consuming. I tried

Firebase Crashlytics: Upload missing dSYMs to see crashes from 1 versions.(iOS)

我们两清 提交于 2019-12-05 09:20:17
问题 Error Message: Upload missing dSYMs to see crashes from 1 versions. Versions affected: 1.0 (1) I am trying to implement Firebase Crashlytics in my iOS project. I did all the setups according to Firebase Crashlytics Doucmentation. The crash is performed manually when the button is clicked just to see whether the crashlytics is working. @IBAction func onTestCrashButtonClick(_ sender: UIButton) { Crashlytics.sharedInstance().crash() } But when i tried to see the error report in the firebase
订阅 deobfuscation