From 26458e7280bbd5f69e640e2efab621595e2ced8e Mon Sep 17 00:00:00 2001 From: Adam Date: Fri, 10 Jul 2015 12:37:45 -0400 Subject: [PATCH] Add common deobfuscator interface --- src/main/java/info/sigterm/deob/Deobfuscator.java | 6 ++++++ .../deob/deobfuscators/IllegalStateExceptions.java | 11 +++++------ .../java/info/sigterm/deob/deobfuscators/Jumps.java | 4 +++- .../deobfuscators/ModularArithmeticDeobfuscation.java | 10 +++------- .../info/sigterm/deob/deobfuscators/RenameUnique.java | 4 +++- .../sigterm/deob/deobfuscators/RuntimeExceptions.java | 4 +++- .../info/sigterm/deob/deobfuscators/UnusedBlocks.java | 4 +++- .../info/sigterm/deob/deobfuscators/UnusedFields.java | 4 +++- .../sigterm/deob/deobfuscators/UnusedMethods.java | 6 ++++-- .../sigterm/deob/deobfuscators/UnusedParameters.java | 8 +++++--- 10 files changed, 38 insertions(+), 23 deletions(-) create mode 100644 src/main/java/info/sigterm/deob/Deobfuscator.java diff --git a/src/main/java/info/sigterm/deob/Deobfuscator.java b/src/main/java/info/sigterm/deob/Deobfuscator.java new file mode 100644 index 0000000000..15c4821ec6 --- /dev/null +++ b/src/main/java/info/sigterm/deob/Deobfuscator.java @@ -0,0 +1,6 @@ +package info.sigterm.deob; + +public interface Deobfuscator +{ + public void run(ClassGroup group); +} diff --git a/src/main/java/info/sigterm/deob/deobfuscators/IllegalStateExceptions.java b/src/main/java/info/sigterm/deob/deobfuscators/IllegalStateExceptions.java index 27a239ab66..0778ee195d 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/IllegalStateExceptions.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/IllegalStateExceptions.java @@ -1,7 +1,10 @@ package info.sigterm.deob.deobfuscators; +import java.util.List; + import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.Code; import info.sigterm.deob.attributes.code.Instruction; @@ -15,12 +18,7 @@ import info.sigterm.deob.execution.Execution; import info.sigterm.deob.execution.Frame; import info.sigterm.deob.execution.InstructionContext; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -public class IllegalStateExceptions +public class IllegalStateExceptions implements Deobfuscator { /* find if, new, ..., athrow, replace with goto */ private int checkOnce(Execution execution, ClassGroup group) @@ -120,6 +118,7 @@ public class IllegalStateExceptions return count; } + @Override public void run(ClassGroup group) { Execution execution = new Execution(group); diff --git a/src/main/java/info/sigterm/deob/deobfuscators/Jumps.java b/src/main/java/info/sigterm/deob/deobfuscators/Jumps.java index 1c946ab1c4..a475f0fdcc 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/Jumps.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/Jumps.java @@ -2,6 +2,7 @@ package info.sigterm.deob.deobfuscators; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.code.Block; import info.sigterm.deob.attributes.code.Instruction; @@ -12,7 +13,7 @@ import info.sigterm.deob.attributes.code.instructions.GotoW; import java.util.ArrayList; import java.util.List; -public class Jumps +public class Jumps implements Deobfuscator { private int checkBlockGraphOnce(ClassGroup group) { @@ -83,6 +84,7 @@ public class Jumps return count; } + @Override public void run(ClassGroup g) { int count = 0; diff --git a/src/main/java/info/sigterm/deob/deobfuscators/ModularArithmeticDeobfuscation.java b/src/main/java/info/sigterm/deob/deobfuscators/ModularArithmeticDeobfuscation.java index 0e8edcf1db..522b223491 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/ModularArithmeticDeobfuscation.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/ModularArithmeticDeobfuscation.java @@ -6,21 +6,16 @@ import java.util.HashMap; import java.util.HashSet; import java.util.List; import java.util.Map; -import java.util.Map.Entry; import java.util.Set; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Field; -import info.sigterm.deob.Method; -import info.sigterm.deob.attributes.Code; import info.sigterm.deob.attributes.code.Instruction; -import info.sigterm.deob.attributes.code.Instructions; -import info.sigterm.deob.attributes.code.instruction.types.ComparisonInstruction; import info.sigterm.deob.attributes.code.instruction.types.FieldInstruction; import info.sigterm.deob.attributes.code.instruction.types.GetFieldInstruction; import info.sigterm.deob.attributes.code.instruction.types.InvokeInstruction; -import info.sigterm.deob.attributes.code.instruction.types.LVTInstruction; import info.sigterm.deob.attributes.code.instruction.types.PushConstantInstruction; import info.sigterm.deob.attributes.code.instruction.types.SetFieldInstruction; import info.sigterm.deob.attributes.code.instructions.IMul; @@ -29,7 +24,7 @@ import info.sigterm.deob.execution.Frame; import info.sigterm.deob.execution.InstructionContext; import info.sigterm.deob.execution.StackContext; -public class ModularArithmeticDeobfuscation +public class ModularArithmeticDeobfuscation implements Deobfuscator { private Set obfuscatedFields; // reliability of these sucks @@ -676,6 +671,7 @@ public class ModularArithmeticDeobfuscation return modInverse(BigInteger.valueOf(val), 64).longValue(); } + @Override public void run(ClassGroup group) { Execution execution = new Execution(group); diff --git a/src/main/java/info/sigterm/deob/deobfuscators/RenameUnique.java b/src/main/java/info/sigterm/deob/deobfuscators/RenameUnique.java index 0b62d5c069..d1bcb6ee31 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/RenameUnique.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/RenameUnique.java @@ -4,6 +4,7 @@ import java.util.List; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Field; import info.sigterm.deob.Interfaces; import info.sigterm.deob.Method; @@ -13,7 +14,7 @@ import info.sigterm.deob.pool.Class; import info.sigterm.deob.signature.Signature; import info.sigterm.deob.signature.Type; -public class RenameUnique +public class RenameUnique implements Deobfuscator { private void renameClass(ClassFile on, ClassFile old, String name) { @@ -93,6 +94,7 @@ public class RenameUnique field.setName(name); } + @Override public void run(ClassGroup group) { int i = 0; diff --git a/src/main/java/info/sigterm/deob/deobfuscators/RuntimeExceptions.java b/src/main/java/info/sigterm/deob/deobfuscators/RuntimeExceptions.java index 7acb07e949..6023ca3e61 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/RuntimeExceptions.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/RuntimeExceptions.java @@ -2,13 +2,15 @@ package info.sigterm.deob.deobfuscators; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.Code; import java.util.ArrayList; -public class RuntimeExceptions +public class RuntimeExceptions implements Deobfuscator { + @Override public void run(ClassGroup group) { int i = 0; diff --git a/src/main/java/info/sigterm/deob/deobfuscators/UnusedBlocks.java b/src/main/java/info/sigterm/deob/deobfuscators/UnusedBlocks.java index 155c8cab7e..9d00700783 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/UnusedBlocks.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/UnusedBlocks.java @@ -2,14 +2,16 @@ package info.sigterm.deob.deobfuscators; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.code.Block; import info.sigterm.deob.attributes.code.Instructions; import java.util.ArrayList; -public class UnusedBlocks +public class UnusedBlocks implements Deobfuscator { + @Override public void run(ClassGroup group) { int i = 0; diff --git a/src/main/java/info/sigterm/deob/deobfuscators/UnusedFields.java b/src/main/java/info/sigterm/deob/deobfuscators/UnusedFields.java index 3a8f7f3ebd..ce820aa03c 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/UnusedFields.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/UnusedFields.java @@ -4,6 +4,7 @@ import java.util.ArrayList; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Field; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.Code; @@ -12,7 +13,7 @@ import info.sigterm.deob.attributes.code.instruction.types.FieldInstruction; import info.sigterm.deob.attributes.code.instruction.types.GetFieldInstruction; import info.sigterm.deob.attributes.code.instruction.types.SetFieldInstruction; -public class UnusedFields +public class UnusedFields implements Deobfuscator { private static boolean isUnused(ClassGroup group, Field field) { @@ -61,6 +62,7 @@ public class UnusedFields return false; } + @Override public void run(ClassGroup group) { int count = 0; diff --git a/src/main/java/info/sigterm/deob/deobfuscators/UnusedMethods.java b/src/main/java/info/sigterm/deob/deobfuscators/UnusedMethods.java index c932b71b57..888babd62a 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/UnusedMethods.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/UnusedMethods.java @@ -2,16 +2,18 @@ package info.sigterm.deob.deobfuscators; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.execution.Execution; import java.util.ArrayList; -public class UnusedMethods +public class UnusedMethods implements Deobfuscator { + @Override public void run(ClassGroup group) { - group.buildClassGraph(); + group.buildClassGraph(); // does this use this? Execution execution = new Execution(group); execution.populateInitialMethods(); diff --git a/src/main/java/info/sigterm/deob/deobfuscators/UnusedParameters.java b/src/main/java/info/sigterm/deob/deobfuscators/UnusedParameters.java index ea2c16749f..b223dc3157 100644 --- a/src/main/java/info/sigterm/deob/deobfuscators/UnusedParameters.java +++ b/src/main/java/info/sigterm/deob/deobfuscators/UnusedParameters.java @@ -2,6 +2,7 @@ package info.sigterm.deob.deobfuscators; import info.sigterm.deob.ClassFile; import info.sigterm.deob.ClassGroup; +import info.sigterm.deob.Deobfuscator; import info.sigterm.deob.Method; import info.sigterm.deob.attributes.Code; import info.sigterm.deob.attributes.code.Instruction; @@ -22,7 +23,7 @@ import java.util.Set; import org.apache.commons.collections4.CollectionUtils; -public class UnusedParameters +public class UnusedParameters implements Deobfuscator { private static List findDependentMethods(NameAndType nat, Set visited, ClassGroup group, ClassFile cf) { @@ -238,8 +239,8 @@ public class UnusedParameters for (Method m2 : methods) done.add(m2); - /* removing the parameter can cause collision of overriden methods, - * we should first rename all methods to be unique? + /* removing the parameter can't cause collisions on other (overloaded) methods because prior to this we rename + * all classes/fields/methods to have unique names. */ removeParameter(methods, signature, execution, unusedParameter, lvtIndexes[unusedParameter]); @@ -251,6 +252,7 @@ public class UnusedParameters return new int[] { count }; } + @Override public void run(ClassGroup group) { Execution execution = new Execution(group);