search

java-deobfuscator / deobfuscator

The real deal
https://javadeobfuscator.com
Apache License 2.0
1.57k stars 292 forks source link

Deobfuscation Failed #728

Open avesanidennis opened 3 years ago

avesanidennis commented 3 years ago

So I tried to deobfuscate a JAR, in the detection mode this was my output:

[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading classpath
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading input
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Detecting known obfuscators
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - RuleIllegalSignature: Some obfuscators will set the signature of a class/method/field to an illegal value. This may crash naive decompilers/disassemblers
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -    Found illegal class signature for ???
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Recommend transformers:
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - (Choose one transformer. If there are multiple, it's recommended to try the transformer listed first)
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -    com.javadeobfuscator.deobfuscator.transformers.general.removers.IllegalSignatureRemover
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - RuleSourceFileAttribute: Some obfuscators don't remove the SourceFile attribute by default. This information can be recovered, and is very useful
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -    Found possible SourceFile attribute on u: CrashReport.java
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Recommend transformers:
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - (Choose one transformer. If there are multiple, it's recommended to try the transformer listed first)
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator -    com.javadeobfuscator.deobfuscator.transformers.normalizer.SourceFileClassNormalizer

Then with the following config, I tried to run the deobfuscator and the following stacktrace was printed.

Config:

input: client.jar
output: output.jar
transformers:
  - com.javadeobfuscator.deobfuscator.transformers.general.removers.IllegalSignatureRemover
  - com.javadeobfuscator.deobfuscator.transformers.normalizer.SourceFileClassNormalizer

Stacktrace:

[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading classpath
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Loading input
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Computing callers
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Transforming
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Running com.javadeobfuscator.deobfuscator.transformers.general.removers.IllegalSignatureRemover
[main] INFO com.javadeobfuscator.deobfuscator.Deobfuscator - Running com.javadeobfuscator.deobfuscator.transformers.normalizer.SourceFileClassNormalizer
[SourceFileClassNormalizer] Recovered 2 source filenames

Deobfuscation failed. Please open a ticket on GitHub and provide the following error:
java.lang.IllegalArgumentException
        at org.objectweb.asm.Type.getTypeInternal(Type.java:443)
        at org.objectweb.asm.Type.getType(Type.java:177)
        at org.objectweb.asm.commons.Remapper.mapDesc(Remapper.java:55)
        at org.objectweb.asm.commons.ClassRemapper.visitAnnotation(ClassRemapper.java:122)
        at org.objectweb.asm.tree.ClassNode.accept(ClassNode.java:406)
        at com.javadeobfuscator.deobfuscator.transformers.normalizer.AbstractNormalizer.lambda$0(AbstractNormalizer.java:47)
        at java.base/java.util.HashMap$Values.forEach(HashMap.java:976)
        at com.javadeobfuscator.deobfuscator.transformers.normalizer.AbstractNormalizer.transform(AbstractNormalizer.java:42)
        at com.javadeobfuscator.deobfuscator.Deobfuscator.runFromConfig(Deobfuscator.java:410)
        at com.javadeobfuscator.deobfuscator.Deobfuscator.start(Deobfuscator.java:367)
        at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.run(DeobfuscatorMain.java:120)
        at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.run(DeobfuscatorMain.java:113)
        at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.main(DeobfuscatorMain.java:50)
Janmm14 commented 3 years ago

The transformers you have chosen do not actually deobfuscate. Those are just helper transformers to tidy the output after the real work was done.

There are three possibilities:

avesanidennis commented 3 years ago

Ok, thank you, man! So is there a possibility to deobfuscate this type of jar?

Janmm14 commented 3 years ago

Ok, thank you, man! So is there a possibility to deobfuscate this type of jar?

Well, I cannot break into your computer that easily to see which jar you want to have deobfuscated. That means, IF YOU ARE ALLOWED TO SHARE THE JAR TO THE PUBLIC, please upload it.

For the possibility 1 of the 3 I wrote above: No automatic deobfuscation possible. Use https://www.cuchazinteractive.com/enigma/ to manually rename classes, methods and fields based on context. The SourceFileClassNormalizer might help you with class names.

ThisTestUser commented 3 years ago

The new remover transformers should fix this issue. Use the AnnotationRemovers before you use normalizer transformers.