Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it behaves identically but is easier for a human to understand. Each optimization type is simple and generic, so it doesn’t matter which specific type of obfuscation is used.
There are three parts to the project: smalivm, simplify, and the demo app.
1. smalivm: Virtual machine library which can execute Android apps. It executes a method and returns a graph which contains the register and class values at every instruction for every possible execution path. It works even if certain values are unknown, such as a network response from a server. If it encounters an if and doesn’t know the values of the conditional, it assumes either branch could happen and executes both paths.
2. simplify: Analyzes the graphs from smalivm and applies optimizations such as constant propagation, dead code removal, unreflection, and specific peephole optimizations. The optimizations are fairly simple, but when applied together and in succession, they can decrypt strings, peel back layers of obfuscation, and greatly simplify code.
3. demoapp: Contains simple, heavily commented examples of how to use smalivm. It’s a good place to start if you want to use smalivm in your own projects.
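The smalivm/simplify split described in items 1 and 2, as an added toy model in Python (not the project's code and not the smalivm API): `execute` forks on an unknown conditional and records register values per instruction per path, and `simplify` uses that graph for dead code removal and constant propagation. The instruction tuples, `PROGRAM`, `UNKNOWN` and both function names are constructed for illustration.

```python
UNKNOWN = object()  # a value the VM cannot know, e.g. a server response
PROGRAM = [  # constructed sample in a smali-like toy form; list index = pc
    ("const", "v0", 5), ("const", "v1", 0),                # 0-1
    ("if-eqz", "v1", 5),                                   # 2: v1 is known 0, always jumps
    ("const", "v0", 99), ("goto", 5),                      # 3-4: never reached
    ("if-eqz", "p0", 8),                                   # 5: p0 unknown, both branches run
    ("add", "v2", "v0", "v0"), ("goto", 9),                # 6-7
    ("add", "v2", "v0", "v1"), ("add", "v3", "v0", "v1"),  # 8-9: v3 is 5 on every path
    ("return", "v2"),                                      # 10
]

def execute(program, params, budget=10_000):
    """Run every feasible path; return {pc: [registers after each visit]}."""
    graph, work = {}, [(0, dict(params))]
    while work:
        if (budget := budget - 1) < 0:
            raise RuntimeError("step budget exceeded (unbounded loop?)")
        pc, regs = work.pop()
        op, *args = program[pc]
        regs, nxt = dict(regs), ([] if op == "return" else [pc + 1])
        if op == "const":
            regs[args[0]] = args[1]
        elif op == "add":
            a, b = regs[args[1]], regs[args[2]]
            regs[args[0]] = UNKNOWN if a is UNKNOWN or b is UNKNOWN else a + b
        elif op == "if-eqz":
            v = regs[args[0]]
            if v is UNKNOWN:
                nxt = [pc + 1, args[1]]  # fork: either branch could happen
            elif v == 0:
                nxt = [args[1]]
        elif op == "goto":
            nxt = [args[0]]
        graph.setdefault(pc, []).append(regs)
        work.extend((n, regs) for n in nxt)
    return graph

def simplify(program, graph):
    """Keep only executed instructions; fold results that are constant on every path."""
    out = {}
    for pc in sorted(graph):  # pcs absent from the graph are dead code
        ins = program[pc]
        seen = {snap.get(ins[1]) for snap in graph[pc]}  # operand 1 on each visit
        if ins[0] == "add" and len(seen) == 1 and UNKNOWN not in seen:
            ins = ("const", ins[1], seen.pop())
        elif ins[0] == "if-eqz" and seen == {0}:
            ins = ("goto", ins[2])  # branch is taken on every path
        out[pc] = ins
    return out
```

The result keeps original pc values as keys so jump targets stay valid after dead instructions are dropped.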
+ Java 8
Usage and install from source:
git clone --recursive https://github.com/CalebFenton/simplify.git
git submodule update --init --recursive
java -jar simplify/build/libs/simplify.jar -it 'org/cf' simplify/obfuscated-example