Nytro
Posted December 8, 2014

Simplify
Generic Android Deobfuscator

Simplify uses a virtual machine to understand what an app does. Then, it applies optimizations to create code that behaves identically, but is easier for a human to understand. Specifically, it takes Smali files as input and outputs a Dex file with (hopefully) identical semantics but less complicated structure.

For example, if an app's strings are encrypted, Simplify will interpret the app in its own virtual machine to determine semantics. Then, it uses the app's own code to decrypt the strings and replaces the encrypted strings and the decryption method calls with the decrypted versions. It's a generic deobfuscator because Simplify doesn't need to know how the decryption works ahead of time. This technique also works well for eliminating different types of white noise, such as no-ops and useless arithmetic.

Before / After

There are three parts to the project:

Smali Virtual Machine (SmaliVM) - A VM designed to handle ambiguous values and multiple possible execution paths. For example, if there is an if, and the predicate includes unknown values (user input, current time, read from a file, etc.), the VM will assume either one could happen, and takes the true and false paths. This increases uncertainty, but maintains fidelity. SmaliVM's output is a graph that represents what the app could do. It contains every possible execution path and the register and class member values at each possible execution of every instruction.

Simplify - The optimizer. It takes the graphs from SmaliVM and applies optimizations like constant propagation, dead code removal, and specific peephole optimizations.

Demoapp - A short and heavily commented project that shows how to get started using SmaliVM.

Building

There is a bug with dexlib 2.0.3 which can cause Simplify to fail often. To work around, you must:

Clone and build Smali

Modify this line in smalivm/build.gradle to point to the built jar, if different:

compile files('../../smali/dexlib2/build/libs/dexlib2-2.0.3-dev.jar')

Sorry for this step. It won't be necessary once updated dexlib is released.

To build the jar, use ./gradlew shadowJar

Source: https://github.com/CalebFenton/simplify
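The approach described in the post (a VM that takes both branches when a predicate is unknown, then an optimizer that works from the recorded values) can be sketched as follows. This is an added example, not code from Simplify or from the post; the toy instruction set, PROGRAM, explore and simplify are hypothetical, and the sketch assumes a program without loops.

```python
UNKNOWN = object()  # a value the VM cannot know (user input, time, file data)
# Constructed toy program, not real Smali: (opcode, operands...)
PROGRAM = [
    ("const", "v0", 3), ("const", "v1", 4),
    ("add", "v2", "v0", "v1"),   # 2: useless arithmetic, always 7
    ("input", "v3"),             # 3: unknown at analysis time
    ("if-eqz", "v3", 6),         # 4: unknown predicate, both paths possible
    ("add", "v2", "v2", "v3"),   # 5: v2 becomes unknown on this path
    ("if-eqz", "v0", 8),         # 6: v0 is 3, branch never taken
    ("return", "v2"),            # 7
    ("const", "v2", 0), ("return", "v2"),  # 8, 9: unreachable
]

def explore(program):
    """Run every possible path; return {pc: [registers after each visit]}."""
    visits, stack = {}, [(0, {})]
    while stack:
        pc, regs = stack.pop()
        op, *args = program[pc]
        regs, nxt = dict(regs), ([] if op == "return" else [pc + 1])
        if op == "const":
            regs[args[0]] = args[1]
        elif op == "input":
            regs[args[0]] = UNKNOWN
        elif op == "add":
            a, b = regs[args[1]], regs[args[2]]
            regs[args[0]] = UNKNOWN if a is UNKNOWN or b is UNKNOWN else a + b
        elif op == "if-eqz":
            v = regs[args[0]]
            if v is UNKNOWN:
                nxt = [pc + 1, args[1]]   # cannot decide: take both paths
            elif v == 0:
                nxt = [args[1]]
        visits.setdefault(pc, []).append(regs)
        stack.extend((n, regs) for n in nxt)
    return visits

def simplify(program):
    """Fold constant adds and blank unreachable code; indices stay stable."""
    visits, out = explore(program), []
    for pc, ins in enumerate(program):
        if pc not in visits:
            ins = ("nop",)                        # no path reaches it: dead code
        elif ins[0] == "add":
            vals = [regs[ins[1]] for regs in visits[pc]]
            if UNKNOWN not in vals and len(set(vals)) == 1:
                ins = ("const", ins[1], vals[0])  # same result on every path
        out.append(ins)
    return out
```

The add at index 5 is left alone because one of its operands is unknown, which is the "increases uncertainty, but maintains fidelity" trade-off: the optimizer only rewrites an instruction when every recorded path agrees on its result.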