Giter VIP home page Giter VIP logo

bulldozer's Introduction

Bulldozer

A deobfuscator/decompiler written in JavaScript for JavaScript "binaries", currently targeted at collina.js from AliExpress.

Reconstructing a flattened CFG, recovering control structures and deobfuscating literals via partial evaluation. In JavaScript.

Usage

Install dependencies and you're ready to go

npm install
./bulldozer.js -s collinas/collina_orig.js

The process will take some time (especially cyclic regions identification), and the result file will appear alongside the input with _unflattened appended. The resulting file can be used as a drop-in replacement for the original collina.js with chrome overrides.

Debug mode

Passing the parameter -d debug mode is enabled. Beware, it is REALLY chatty

How it works

See my bachelor thesis to have some insights on the concepts behind this work.

We tried to keep the code clean and documented, but neither of us had any previous experience with JavaScript, so it might not follow all the best practices everywhere. Also, we don't like coding, we're hackers.

Contributors

Thanks to

Shape Security Inc. for their wonderful shift-ast suite and unminify.

The angr developers: the CFG analysis part of this project was heavily inspired by their decompiler component.

License

Copyright 2021 @ceres-c and @MrMoDDoM.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

bulldozer's People

Contributors

ceres-c avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.