Project author: pcy190

Project description:
break ollvm.
Language: Python
Repository: git://github.com/pcy190/deobfuscator.git
Created: 2020-11-01T15:01:43Z
Project community: https://github.com/pcy190/deobfuscator



deobfuscator

Introduction

Flexible deobfuscator.

Feature

|        | x86  | x86_64 | arm    | arm64 |
|--------|------|--------|--------|-------|
| deflat | TODO | TODO   | PARTLY | ✔     |
  • two engine mode for deflat
  • flexible patch pattern
  • easy to port

Usage:

Requirements:

  • Python 3.7+
  • dependencies (the Keystone assembler bindings are published on PyPI as keystone-engine):
    1. pip3 install qiling angr termcolor capstone keystone-engine

Modify the start address and filename in main.py, then run:

  1. python3 main.py

Set the strategy to 0 or 1 in emulator.search_path to handle different flattening cases.

TODO:

  • support x86, x86_64
  • support Bogus Control Flow deobfuscation
  • add blocks analysis manually
  • IDA Pro plugin to mark the blocks visually by interacting with the deobfuscator (handling different IDAPython versions)