No obfuscators have been detected.

java-deobfuscator / deobfuscator

The real deal

https://javadeobfuscator.com

Apache License 2.0

1.54k stars 288 forks source link

No obfuscators have been detected. #1001

Closed VishnuRameshbabu closed 1 week ago

VishnuRameshbabu commented 2 weeks ago

PS C:\Users\test\OneDrive\Desktop\CONCORDIA\SOEN 6971\Deobfuscator> java -jar deobfuscator.jar --config detect.yml
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading classpath
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading input
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Detecting known obfuscators
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - All detectors have been run. If you do not see anything listed, check if your file only contains name obfuscation.
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Do note that some obfuscators do not have detectors.

detect.yml

input: JIProlog.jar
detect: true

I am trying to deobfuscate a JIProlog.jar, a Prolog interpreter. Not sure why I am not getting any obfuscators listed.

Janmm14 commented 2 weeks ago

Maybe no obfuscator used. Maybe another obfuscator used. Maybe a too new version of supported obfuscator used which is not supported.

This project is also essentially unmaintained since a couple years due to lack of contributors willing to make their work public.

Several people here have learned that in response to attempts like this deobfuscator, some commercial obfuscators have resorted to exploiting bugs within this specific project multiple times and added obfuscation strategies which attempt to prevent automated deobfuscation.

VishnuRameshbabu commented 2 weeks ago

Sorry, I didn't know a lot happened to the repo. But I really thank you for taking the time to reply to my issue.

The jar is from 2002, so maybe it's obfuscator might not be supported.

Thanks again.

Janmm14 commented 2 weeks ago

Sorry, I didn't know a lot happened to the repo. But I really thank you for taking the time to reply to my issue.

The jar is from 2002, so maybe it's obfuscator might not be supported.

Thanks again.

please also note that there are 2 types of obfuscation.

first is "identifier" obfuscation: change class/field/method names, remove local variable name info this is not recoverable (unless sourcefile attribute is not changed/removed as well, but that'd be detected)

second is actual code obfuscation, changing the code methods execute, to repalce strings with an encrypted string + string-decryption-routine, to change method calls with reflection.

this deobfuscator is meant to handle the second type mostly.

for the first type, the only option is manual remapping. a good tool for this is https://github.com/QuiltMC/enigma

VishnuRameshbabu commented 1 week ago

I think mine is the first one, since the deobfuscation mostly contained variable./field/method name changes like a9, a, b and using java reserved key words.

I had to resort with modifying the bytecode.

I really appreciate with suggesting me this alternative. Thanks again.