deobfuscation

I have seen ctk.c obfuscated code, but How can I start to de-obfuscate it? #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <sys/time.h> #include <signal.h> #define m(b)a=b;z=*a;while(*++a){y=*a;*a=z;z=y;} #define h(u)G=u<<3;printf("\e[%uq",l[u]) #define c(n,s)case n:s;continue char x[]="((((((((((((((((((((((",w[]= "\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b";char r[]={92,124,47},l[]={2,3,1 ,0};char*T[]={" |"," |","%\\|/%"," %%%",""};char d=1,p=40,o=40,k=0,*a,y,z,g= -1,G,X,**P=&T[4],f=0;unsigned int s=0;void u(int i){int n;printf( "\233;%uH\233L%c\233;%uH%c\233;%uH%s

I know the basics to java programming, but I'm new to reverse engineering APKs, so explanations would be nice! I have an APK file file, but not the Java source. After decompiling the APK online: the bulk of the application is hidden under assets > classes.dex.dat the only java file I found is com > ... > util > ProtectedUtils.java I have ProtectedUtils.java below: Link to full file if anyone is interested import android.app.Application; import android.app.Instrumentation; import android.content.Context; import android.os.Build.VERSION; import java.lang.reflect.Constructor; import java.lang

I need to know is there some option to prevent giving same name to different functions during obfuscation. Mapping file: org.apache.http.impl.client.cache.BasicHttpCacheStorage -> org.apache.http.impl.client.cache.f: 67:68:void putEntry(java.lang.String,org.apache.http.client.cache.HttpCacheEntry) -> a 78:78:org.apache.http.client.cache.HttpCacheEntry getEntry(java.lang.String) -> a I'd like to have different names for different functions instead of lines interval. Thanks The option -useuniqueclassmembernames does this, at least for names that aren't overloaded to start with (java allows

I was looking into efficient ways to read files in Perl and came across this very interesting one liner: my $text = do { local (@ARGV, $/) = $file; <> }; My question is: How exactly does this work? Normally when slurping a file you set $/ = undef , but I don't see how this does that. This little piece of code is proving to be very difficult to wrap my head around. What would be a simplified breakdown and explanation for this? Now that I know how it works, lets get real fancy! Not that this code has any real use; it's just fun to figure out and cool to look at. Here is a one-liner to slurp

I am trying to edit a Greasemonkey/jQuery script. I can't post the link here. The code is obfuscated and compressed with minify. It starts like this: var _0x21e9 = ["\x67\x65\x74\x4D\x6F\x6E\x74\x68", "\x67\x65\x74\x55\x54\x43\x44\x61\x74\x65", ... After "decoding" it, I got this: var _0x21e9=["getMonth","getUTCDate","getFullYear", ... It is a huge list (500+ ). Then, it has some variables like this: month = date[_0x21e9[0]](), day = date[_0x21e9[1]](), ... _0x21e9[0] is getMonth, _0x21e9[1] is getUTCDate, etc. Is it possible to replace the square brackets with the actual variable name? How? I

Why does this code give the output C++Sucks ? What is the concept behind it? #include <stdio.h> double m[] = {7709179928849219.0, 771}; int main() { m[1]--?m[0]*=2,main():printf((char*)m); } Test it here . dasblinkenlight The number 7709179928849219.0 has the following binary representation as a 64-bit double : 01000011 00111011 01100011 01110101 01010011 00101011 00101011 01000011 +^^^^^^^ ^^^^---- -------- -------- -------- -------- -------- -------- + shows the position of the sign; ^ of the exponent, and - of the mantissa (i.e. the value without the exponent). Since the representation uses