Pentest Tools

Published on April 14th, 2016 📆 | 4282 Views ⚑


Simplify — Generic Android Deobfuscator

Text to Speech

Simplify uses a virtual machine to execute an app and understand what it does. Then, it applies optimizations to create code that behaves identically but is easier for a human to understand. It is a genericdeobfuscator because it doesn’t need any special configuration or code for different types of obfuscation.


Generic Android Deobfuscator: Simplify


There are three parts to the project:

  1. smalivm: Creates a context sensitive control flow graph of a method by executing each instruction. The value of all classes and registers is recorded at every execution of every instruction. It doesn’t need to know the arguments for a method to execute it as it handles unknown values. Also, it executes every possible path. For example, if an if could be true or false because it references an unknown value, it assumes both could happen and executes both paths.
  2. simplify: Takes the graphs from smalivm and applies optimizations such as constant propagation, dead code removal, unreflection, and specific peephole optimizations.
  3. demoapp: Contains simple, heavily commented examples of how to use smalivm.

[adsense size='1']

Generic Android Deobfuscator: Building

Because this project contains submodules, either clone with --recursive:

git clone --recursive

Or update submodules at any time with:

git submodule update --init --recursive

Then, to build a single jar:

./gradlew fatjar

The Simplify jar will be in simplify/build/libs/simplify.jar

You can test it’s working with: java -jar simplify/build/libs/simplify.jar -it 'org/cf' simplify/obfuscated-example


Source && Download

Leave a Reply

Your email address will not be published.