Simplify - Generic Android Deobfuscator

Here you can post new software that you have developed.
Software news and new software launch.

Simplify - Generic Android Deobfuscator

Post Number:#1  Postby rukov » 09 Dec 2014 15:09

Simplify uses a virtual machine to understand what an app does. Then, it applies optimizations to create code that behaves identically, but is easier for a human to understand. Specifically, it takes Smali files as input and outputs a Dex file with (hopefully) identical semantics but less complicated structure.

For example, if an app's strings are encrypted, Simplify will interpret the app in its own virtual machine to determine semantics. Then, it uses the app's own code to decrypt the strings and replaces the encrypted strings and the decryption method calls with the decrypted versions. It's a generic deobfuscator because Simplify doesn't need to know how the decryption works ahead of time. This technique also works well for eliminating different types of white noise, such as no-ops and useless arithmetic.
[Image, before: Lots of method calls, no clear meaning]
[Image, after: Wow, such literal, much meaning]

There are three parts to the project:

Smali Virtual Machine (SmaliVM) - A VM designed to handle ambiguous values and multiple possible execution paths. For example, if there is an if, and the predicate includes unknown values (user input, current time, read from a file, etc.), the VM will assume either one could happen, and takes the true and false paths. This increases uncertainty, but maintains fidelity. SmaliVM's output is a graph that represents what the app could do. It contains every possible execution path and the register and class member values at each possible execution of every instruction.
Simplify - The optimizer. It takes the graphs from SmaliVM and applies optimizations like constant propagation, dead code removal, and specific peephole optimizations.
Demoapp - A short and heavily commented project that shows how to get started using SmaliVM.


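The approach described in the post above, as an added example that is not part of the original post and is not Simplify's or SmaliVM's code: a toy VM that follows both sides of a branch on an unknown value, then replaces calls to the app's own decryption routine with the literals it produced. The tuple instruction set, the `UNKNOWN` marker and the XOR `decrypt()` are assumptions made for this sketch.

```python
# Toy model of the idea in the post, not Simplify's or SmaliVM's code. The
# instruction tuples, UNKNOWN marker and XOR decrypt() are assumptions.
UNKNOWN = object()  # a value the VM cannot know (user input, time, file data)

def decrypt(s):  # stands in for the app's own string-decryption method
    return "".join(chr(ord(c) ^ 0x2A) for c in s)

APP_METHODS = {"decrypt": decrypt}

def explore(code):
    """Run every path of a loop-free method; return {pc: values written there}."""
    seen, work = {}, [(0, {})]
    while work:
        pc, regs = work.pop()
        op, *a = code[pc]
        regs = dict(regs)
        if op == "const":
            regs[a[0]] = a[1]
        elif op == "input":
            regs[a[0]] = UNKNOWN
        elif op == "invoke":  # (dst, method, src): run the app's own code
            arg = regs[a[2]]
            regs[a[0]] = UNKNOWN if arg is UNKNOWN else APP_METHODS[a[1]](arg)
        if op in ("const", "input", "invoke"):
            seen.setdefault(pc, set()).add(regs[a[0]])
        if op == "if-eqz":  # unknown predicate: take both branches
            v = regs[a[0]]
            if v is UNKNOWN or v == 0:
                work.append((a[1], regs))
            if v is UNKNOWN or v != 0:
                work.append((pc + 1, regs))
        elif op != "return":
            work.append((pc + 1, regs))
    return seen

def simplify(code):
    """Constant-propagate resolved invokes, then turn unread consts into nops."""
    seen = explore(code)
    out = [("const", i[1], next(iter(seen[pc])))
           if i[0] == "invoke" and len(seen.get(pc, ())) == 1
           and UNKNOWN not in seen[pc] else i
           for pc, i in enumerate(code)]
    read = {i[3] for i in out if i[0] == "invoke"}
    read |= {i[1] for i in out if i[0] in ("if-eqz", "return")}
    return [("nop",) if i[0] == "const" and i[1] not in read else i for i in out]

# Constructed sample (XOR is its own inverse, so decrypt() also encrypts here):
# two encrypted literals, the second behind a branch on unknown input.
SAMPLE = [("const", "v0", decrypt("release build")), ("invoke", "v1", "decrypt", "v0"),
          ("input", "v2"), ("if-eqz", "v2", 6),
          ("const", "v3", decrypt("debug mode")), ("invoke", "v1", "decrypt", "v3"),
          ("return", "v1")]
```

Calling `simplify(SAMPLE)` leaves the branch on `v2` in place because its predicate stays unknown, while both `decrypt` calls become plain string constants and the encrypted literals become no-ops.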
