Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to deobfuscate the sample app #146

Open
geunhayou66 opened this issue Aug 27, 2020 · 1 comment
Open

Unable to deobfuscate the sample app #146

geunhayou66 opened this issue Aug 27, 2020 · 1 comment

Comments

@geunhayou66
Copy link

Hello.
I've applied simplify to the sample app on your github.

Used command is as follow:

  • java -jar simplify/build/libs/simplify.jar -it 'org/cf/obfuscated' -et 'MainActivity' simplify/obfuscated-app.apk

And then, I found out obfuscated-app_simple.apk.

After siging obfuscated-app_simple.apk, I tried to install it on Android Virtual Device.
AVD environment: Oreo 8.1 on Google Pixel 2XL

However, the deobfuscated sample app didn't work...
(The sample app before using simplify works well.)
image

So, I checked log data.
--------- beginning of main
08-27 05:20:34.451 6074 6074 W zygote : Unexpected CPU variant for X86 using defaults: x86
08-27 05:20:34.530 6074 6074 I zygote : Rejecting re-init on previously-failed class java.lang.Class<org.cf.obfuscated.MainActivity>: java.lang.NoClassDefFoundError: Failed resolution of: Landroid/support/v7/app/AppCompatActivity;
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.VMClassLoader.findLoadedClass(java.lang.ClassLoader, java.lang.String) (VMClassLoader.java:-2)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.findLoadedClass(java.lang.String) (ClassLoader.java:738)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:363)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
08-27 05:20:34.530 6074 6074 I zygote : at android.app.Activity android.app.Instrumentation.newActivity(java.lang.ClassLoader, java.lang.String, android.content.Intent) (Instrumentation.java:1174)
08-27 05:20:34.530 6074 6074 I zygote : at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2669)
08-27 05:20:34.530 6074 6074 I zygote : at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2856)
08-27 05:20:34.530 6074 6074 I zygote : at void android.app.ActivityThread.-wrap11(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1)
08-27 05:20:34.530 6074 6074 I zygote : at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1589)
08-27 05:20:34.530 6074 6074 I zygote : at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:106)
08-27 05:20:34.530 6074 6074 I zygote : at void android.os.Looper.loop() (Looper.java:164)
08-27 05:20:34.530 6074 6074 I zygote : at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6494)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Object java.lang.reflect.Method.invoke(java.lang.Object, java.lang.Object[]) (Method.java:-2)
08-27 05:20:34.530 6074 6074 I zygote : at void com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run() (RuntimeInit.java:438)
08-27 05:20:34.530 6074 6074 I zygote : at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:807)
08-27 05:20:34.530 6074 6074 I zygote : Caused by: java.lang.ClassNotFoundException: Didn't find class "android.support.v7.app.AppCompatActivity" on path: DexPathList[[zip file "/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/base.apk"],nativeLibraryDirectories=[/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/lib/x86, /system/lib, /vendor/lib]]
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class dalvik.system.BaseDexClassLoader.findClass(java.lang.String) (BaseDexClassLoader.java:125)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:379)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.VMClassLoader.findLoadedClass(java.lang.ClassLoader, java.lang.String) (VMClassLoader.java:-2)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.findLoadedClass(java.lang.String) (ClassLoader.java:738)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String, boolean) (ClassLoader.java:363)
08-27 05:20:34.530 6074 6074 I zygote : at java.lang.Class java.lang.ClassLoader.loadClass(java.lang.String) (ClassLoader.java:312)
08-27 05:20:34.530 6074 6074 I zygote : at android.app.Activity android.app.Instrumentation.newActivity(java.lang.ClassLoader, java.lang.String, android.content.Intent) (Instrumentation.java:1174)
08-27 05:20:34.530 6074 6074 I zygote : at android.app.Activity android.app.ActivityThread.performLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent) (ActivityThread.java:2669)
08-27 05:20:34.531 6074 6074 I zygote : at void android.app.ActivityThread.handleLaunchActivity(android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:2856)
08-27 05:20:34.531 6074 6074 I zygote : at void android.app.ActivityThread.-wrap11(android.app.ActivityThread, android.app.ActivityThread$ActivityClientRecord, android.content.Intent, java.lang.String) (ActivityThread.java:-1) 08-27 05:20:34.531 6074 6074 I zygote : at void android.app.ActivityThread$H.handleMessage(android.os.Message) (ActivityThread.java:1589)
08-27 05:20:34.531 6074 6074 I zygote : at void android.os.Handler.dispatchMessage(android.os.Message) (Handler.java:106)
08-27 05:20:34.531 6074 6074 I zygote : at void android.os.Looper.loop() (Looper.java:164)
08-27 05:20:34.531 6074 6074 I zygote : at void android.app.ActivityThread.main(java.lang.String[]) (ActivityThread.java:6494)
08-27 05:20:34.531 6074 6074 I zygote : at java.lang.Object java.lang.reflect.Method.invoke(java.lang.Object, java.lang.Object[]) (Method.java:-2)
08-27 05:20:34.531 6074 6074 I zygote : at void com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run() (RuntimeInit.java:438)
08-27 05:20:34.531 6074 6074 I zygote : at void com.android.internal.os.ZygoteInit.main(java.lang.String[]) (ZygoteInit.java:807)
08-27 05:20:34.531 6074 6074 I zygote :
08-27 05:20:34.531 6074 6074 D AndroidRuntime: Shutting down VM
--------- beginning of crash
08-27 05:20:34.531 6074 6074 E AndroidRuntime: FATAL EXCEPTION: main
08-27 05:20:34.531 6074 6074 E AndroidRuntime: Process: org.cf.obfuscated, PID: 6074
08-27 05:20:34.531 6074 6074 E AndroidRuntime: java.lang.RuntimeException: Unable to instantiate activity ComponentInfo{org.cf.obfuscated/org.cf.obfuscated.MainActivity}: java.lang.ClassNotFoundException: Didn't find class "org.cf.obfuscated.MainActivity" on path: DexPathList[[zip file "/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/base.apk"],nativeLibraryDirectories=[/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/lib/x86, /system/lib, /vendor/lib]]
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2679)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2856)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread.-wrap11(Unknown Source:0)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1589)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.os.Handler.dispatchMessage(Handler.java:106)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.os.Looper.loop(Looper.java:164)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread.main(ActivityThread.java:6494)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.reflect.Method.invoke(Native Method)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:438)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:807)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: Caused by: java.lang.ClassNotFoundException: Didn't find class "org.cf.obfuscated.MainActivity" on path: DexPathList[[zip file "/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/base.apk"],nativeLibraryDirectories=[/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/lib/x86, /system/lib, /vendor/lib]]
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:125)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.loadClass(ClassLoader.java:379)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.loadClass(ClassLoader.java:312)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.Instrumentation.newActivity(Instrumentation.java:1174)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2669)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: ... 9 more
08-27 05:20:34.531 6074 6074 E AndroidRuntime: Suppressed: java.lang.NoClassDefFoundError: Failed resolution of: Landroid/support/v7/app/AppCompatActivity;
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.VMClassLoader.findLoadedClass(Native Method)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.findLoadedClass(ClassLoader.java:738)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.loadClass(ClassLoader.java:363)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: ... 12 more
08-27 05:20:34.531 6074 6074 E AndroidRuntime: Caused by: java.lang.ClassNotFoundException: Didn't find class "android.support.v7.app.AppCompatActivity" on path: DexPathList[[zip file "/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/base.apk"],nativeLibraryDirectories=[/data/app/org.cf.obfuscated-GWtxi5sJZmV_zOOYsQ-lsw==/lib/x86, /system/lib, /vendor/lib]]
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:125)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.loadClass(ClassLoader.java:379)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: at java.lang.ClassLoader.loadClass(ClassLoader.java:312)
08-27 05:20:34.531 6074 6074 E AndroidRuntime: ... 15 more

Can you help me?
Why the sample app doesn't work?
@CalebFenton
Copy link
Owner

Thanks for the well written report. I've looked into this, found 20 unrelated problems and fixed them, and diagnosed a telling side-effect of the root problem. Namely, the android.support.v7 classes don't exist in the simplified dex. My guess is that I'm overly aggressively excluding the support library to improve optimization speed (i.e. so you don't have to exclude it specifically every time) and perhaps those classes aren't making it to the final DEX.

Should be a simple fix. An easy work around would be to manually put the classes back in yourself.

The reason I've never noticed this is because I use this for malware analysis and never try and run the simplified sample.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CalebFenton @geunhayou66