SourceFu: A Promising Source-to-Source Deobfuscator
SourceFu is a Java program that aims to provide a source-to-source deobfuscation framework. With the help of partial evaluation and compilers middle-front, this tool seeks to unravel obfuscated code, making it readable and understandable. While SourceFu is still in an experimental state, it shows immense potential for deobfuscation tasks, and its features and functionalities are steadily advancing.
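To make the term concrete, here is a small illustration of partial evaluation on an obfuscated VBA string expression. It is an example added to this page, not SourceFu's code or algorithm: it folds constant Chr(...) calls and string literals in an "&" chain and leaves operands that depend on runtime values as they are. The function names and sample expressions are constructed for the illustration.

```python
import re

# Added illustration (not SourceFu code). Constructed subset of VBA:
# string literals, integers, names, & + - ( ); anything else is one \S token.
TOKEN = re.compile(r'"(?:[^"]|"")*"|[0-9]+|[A-Za-z_]\w*|[&+\-()]|\S')

def fold_chr(args):
    """Return the character for Chr(<constant arithmetic>), else None."""
    ok = len(args) % 2 == 1 and all(
        t.isdigit() if n % 2 == 0 else t in ("+", "-") for n, t in enumerate(args))
    if not ok:
        return None  # argument depends on a runtime value or unsupported syntax
    code = int(args[0]) + sum(int(op + num) for op, num in zip(args[1::2], args[2::2]))
    # Outside ASCII, Chr depends on the system code page, so do not guess.
    return chr(code) if 0 <= code < 128 else None

def matching_paren(toks, start):
    depth = 0
    for j in range(start, len(toks)):
        depth += (toks[j] == "(") - (toks[j] == ")")
        if depth == 0:
            return j
    raise ValueError("unbalanced parentheses")

def partial_eval(expr):
    """Fold every constant run of an '&' chain; keep unknown operands as code."""
    toks, parts, i = TOKEN.findall(expr), [], 0
    while i < len(toks):
        t = toks[i]
        if t == "&":
            i += 1
            continue
        if t.lower() == "chr" and toks[i + 1:i + 2] == ["("]:
            end = matching_paren(toks, i + 1)
            val = fold_chr(toks[i + 2:end])
            item = ("const", val) if val is not None else ("code", "".join(toks[i:end + 1]))
            i = end + 1
        elif len(t) >= 2 and t.startswith('"'):
            item, i = ("const", t[1:-1].replace('""', '"')), i + 1
        elif re.fullmatch(r"\w+", t):
            item, i = ("code", t), i + 1  # variable or number: left unevaluated
        else:
            raise ValueError(f"unsupported token {t!r}")
        if item[0] == "const" and parts and parts[-1][0] == "const":
            parts[-1] = ("const", parts[-1][1] + item[1])  # merge adjacent constants
        else:
            parts.append(item)
    return " & ".join(
        '"' + v.replace('"', '""') + '"' if k == "const" else v for k, v in parts)
```

Calling partial_eval on a fully constant chain returns a single string literal, while a chain that mixes constants with variables returns a shorter expression in which only the unknown operands remain.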
Quick start:
Getting started with SourceFu is a straightforward process. Simply follow these quick steps:
wget https://github.com/Big5-sec/SourceFu/releases/download/Development/sourcefu-dev-0.01.jar
wget https://github.com/Big5-sec/SourceFu/raw/master/tests/VBA/obfuscators/JO-Obfuscator/code.vba
java -jar sourcefu-dev-0.01.jar standalone code.vba
Documentation:
SourceFu’s documentation, available on its GitHub repository, provides a comprehensive guide to using and understanding the tool. The documentation is built with Sphinx and is publicly hosted on GitHub Pages. It can also be built locally for offline access.
Building SourceFu:
Thanks to Gradle, building SourceFu is a breeze. Follow these simple steps to generate the necessary JAR file:
git clone https://github.com/Big5-sec/SourceFu.git
cd SourceFu/sourcefu/
./gradlew fatJar
The generated JAR file will be available in the SourceFu/sourcefu/build/libs/ directory.
Wanna help?
There are multiple ways to contribute to the development and improvement of SourceFu:
- Show your interest in the project. Your support and feedback are highly valued.
- Report bugs. If you encounter any issues while using SourceFu, such as crashes or incorrect analysis, please submit an issue with the “bug” tag. Detailed bug reports will greatly assist in the debugging process.
- Request new features. If you have ideas for additional functionalities or improvements, submit an issue with the “feature” tag. The development team will review and consider your requests, potentially adding them to the product roadmap.
- Contribute code. If you are a developer and want to enhance SourceFu’s codebase, don’t hesitate to submit pull requests. Your contributions, even in terms of code documentation and optimization, will be greatly appreciated.
- Contribute language expertise. SourceFu utilizes ANTLR grammars, and you can contribute by producing BNF grammars to expand the supported languages or improve existing ones. There are many opportunities for improvement, such as working solely on the AST or rewriting the TokenStreamWriter Interface.
- Improve the graphical interface. If you are a web developer or graphic designer, you can contribute by enhancing SourceFu’s current graphical interface and even propose a new logo design.
- Tackle scientific challenges. If you are a scientist, there are still open questions in the field of deobfuscation that SourceFu seeks to answer. Can we determine if comments in a code are relevant or not programmatically? How can we rename variables based on their usage in the code? Your expertise in these areas could help drive the progress of SourceFu.
Community:
SourceFu has an active community where users can share their experiences, insights, and questions related to the tool. Stay connected to learn from others and contribute to the community’s collective knowledge.
Creators & Contributors:
SourceFu was created by Nicolas ZILIO. You can follow him on Twitter @Big5_sec and visit his personal website Big5-security.com. If you are interested in becoming a contributor, join the project and leave your mark on this promising tool.
Copyright and License:
SourceFu is licensed under the Mozilla Public License 2.0. The code and documentation are copyrighted by the SourceFu Authors, primarily Nicolas ZILIO. To learn more about the licensing details, please refer to the project’s GitHub repository.
Conclusion:
SourceFu is an exciting source-to-source deobfuscation framework that holds considerable promise. While still in its experimental stage, it showcases unique features and functionalities that make it a standout tool. Its focus on partial evaluation and compilers middle-front gives it an edge over existing deobfuscators. The open-source nature of SourceFu allows for further contributions and improvements from the community. With an active and passionate developer, a growing user base, and ambitious plans laid out in the product roadmap, SourceFu is poised to make a significant impact in the field of deobfuscation.
So why not give SourceFu a try and see how it can assist you in unraveling obfuscated code?