java.lang.IllegalArgumentException error

[Papyrus12]

While De-obfuscating my friends MC client, this error shown up.

java.lang.IllegalArgumentException at org.objectweb.asm.signature.SignatureReader.parseType(SignatureReader.java:249) at org.objectweb.asm.signature.SignatureReader.accept(SignatureReader.java:122) at org.objectweb.asm.commons.Remapper.mapSignature(Remapper.java:209) at org.objectweb.asm.commons.ClassRemapper.visitMethod(ClassRemapper.java:189) at org.objectweb.asm.tree.MethodNode.accept(MethodNode.java:647) at org.objectweb.asm.tree.ClassNode.accept(ClassNode.java:465) at com.javadeobfuscator.deobfuscator.transformers.normalizer.AbstractNormalizer.lambda$0(AbstractNormalizer.java:47) at java.base/java.util.HashMap$Values.forEach(HashMap.java:1067) at com.javadeobfuscator.deobfuscator.transformers.normalizer.AbstractNormalizer.transform(AbstractNormalizer.java:42) at com.javadeobfuscator.deobfuscator.Deobfuscator.runFromConfig(Deobfuscator.java:410) at com.javadeobfuscator.deobfuscator.Deobfuscator.start(Deobfuscator.java:367) at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.run(DeobfuscatorMain.java:120) at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.run(DeobfuscatorMain.java:113) at com.javadeobfuscator.deobfuscator.DeobfuscatorMain.main(DeobfuscatorMain.java:50)

Please help! Here is my config.

input: DayDream.jar output: HopefullyNulled.jar transformers: com.javadeobfuscator.deobfuscator.transformers.normalizer.SourceFileClassNormalizer

[Janmm14]

SourceFileClassNormalizer is no real deobfuscation transformer, even if it was suggested to you by the detect feature. It seems like in this case it was unable to parse generics information which might be a bug in the library we use or some obfuscation putting in garbage data.

You can retry the detect feature with the latest build of the deobfuscator (you can get one here: https://github.com/Janmm14/deobfuscator/releases )

If that does not detect anything new:

As a minecraft client falls within #653 you cannot upload the sample here. What you could do alternatively is show one obfuscated class file content after Krakatau dissassembly (possible for example with BytecodeViewer or Helios). Then I can maybe work out which obfuscator was used and tell you which transformer to use if we have one already for the obfuscation in this project.

[Papyrus12]

Hello! I know which exact Obfuscator he used. Its just that I don't know what transformer to use. He uses QProtect Obfuscator. If you can find out which transformer to use, that'll be excellent. https://max-x-molly.sxcu.net/n00d9Q This is an image of the disabler class.

[Janmm14]

There is no transformer written yet for that obfuscator.

Unfortunaly that image does not show anything really obfuscated.

Class names, field names ans method names are not considered code constants. Usually automatic reversal is impossible for those.

What can be reversed are in-program strings, integers, control flow scrambling as well as some kinds of decompiler crashing.

A gist of Krakatau disassembler is at least needed to attempt creating a deobfuscating transformer out of the blue. Otherwise we cannot help you.

What might be possible as alternative is that you ask your friend to obfuscate some open-source java library or some freely available minecraft spigot plugin like https://www.spigotmc.org/resources/command-signs.10512/ (just picked a random one which is not far too big and also not too small). Given one obfuscated sample it is much easier to write&test transformers. Don't expect a transformer to be ready within 1 week though.

Depending on how challenging the obfuscation is to the java vm simulator/interpreter in this project, it might be that I decide that I don't want to copy code / tidy up code / make code resistant enough to be published from my private edit of this deobfuscator. (I don't want to share all my work and I don't want obfuscators to step up bejond my priv8 fork capabilities)

[ItzSomebody]

I suspect that this probably has something to do with the class signatures being set to garbage strings. If that's the case, then general.removers.IllegalSignatureRemover will probably do the trick. Janmm's comments are also valid: It can be pretty unclear what is actually causing the problem if not enough information is provided.