Closed jiggey1 closed 3 years ago
iamkyaru
commented
3 years ago This looks like plain old ZKM flow obfuscation. You can use the "try catch obfuscation remover" execution with the "obvious flow obfuscation" execution to deobfuscate your jar file.
jiggey1
commented
3 years ago This looks like plain old ZKM flow obfuscation. You can use the "try catch obfuscation remover" execution with the "obvious flow obfuscation" execution to deobfuscate your jar file.
I appreciate the reply! unfortunately my attempt went unsuccessful. Any other suggestions? If not i completely understand!
jiggey1
commented
3 years ago This looks like plain old ZKM flow obfuscation. You can use the "try catch obfuscation remover" execution with the "obvious flow obfuscation" execution to deobfuscate your jar file.
I realized why this cant be deobfuscated. It's encrypted using DES Cipher and I'm not sure Threadtear supports this yet. Please correct me if i'm wrong but for now, i guess I need to wait.
I am using Threadtear to deobfuscate some annoying Java code. There are around 2,700 class files (all encrypted with random ass names like _ab2) Most of them look the same as in the screenshot. I am 65% sure that this is ZKM but honestly i'm not sure since I primarily deobf C# and .NET files. Any help is greatly appreciated!
*These three screenshots are from ONE file. The others look the same but are sometimes alot longer or alot shorter.