Quote:
|
Originally Posted by makawanw' pid='14097' dateline='1481472957
can you have me to decompiler this file
|
Wow interesting example. It uses build in AutoITfunction & keyword tokens.
I wonder how ya compiled this?
So far I saw the normal Aut2Exe compiler includes keyword as strings like this:
0x30 "GLOBAL"; 0x30 "CONST"
But in this example it's like this:
0x00 KEYWORDS[
29]; 0x00 KEYWORDS[
30]
The detokeniser of the decompiler is not prepared to that and so just decompile it like this:
2930 $OPT_...
instead of
GLOBAL CONST $OPT_...
Well I fixed that. (...and added the 0x00-CommandToken.) There are only about 46 keywords as well as the AutoITfunction table ( the 0x01-CommandToken) that has about 400 entries.
Well however I'm not getting what that script is good for. It's called '7Kscript' and targets some Android Game called '7 Knights'.
After removing string obfuscation most message are still gibberish since they are in thai. How the script targets '
BlueStacks App Player' or '
Nox App Player' and emulator to run android stuff on Windows.
There is even a video about
:
[video=youtube]https://youtu.be/NedTdWyIWJc[/video]
But yes it still feels a little weird to bot a game inside some emulator.
What about directly targeting/patching the APK?
These *.dex java files are often good target to decompile and modify them directly.
[size=large]
[/size]
UPDATE:
Latest Version will be available at this
[attachment=4241]
this also includes a special version of MATE decompiler (currently feb 2017 - Version2.15.209) to deal with its homemade obfuscation
