
synctext | 5 months ago

This is a difficult project. The blog post seems to hint at reasonable feasibility; this stuff is hard! We built a less ambitious tool in the university lab: "ASTANA: Practical String Deobfuscation for Android Applications Using Program Slicing" [0].

I would advise first reading the related work on reverse engineering. Genetic programming is just a technique best used when everything else has failed :-)

[0] https://arxiv.org/pdf/2104.02612


farooqkz | 5 months ago

I've read the abstract of your article. I am not much in the field of decompilers, let alone deobfuscation. It's even hard for me to type it :))

I think it is probably a safe assumption that the kernel binary found on Android devices is not obfuscated. Though I probably need more research to confirm this.

farooqkz | 5 months ago

Thanks for the hints. Of course, it's very, very difficult. But one thing I think you missed is that I'm proposing a "byte-equivalent decompilation". After that, we should go into making the code readable and understandable.

If we could create a program doing all this, automatically or semi-automatically, it would be great, because then not releasing the kernel code wouldn't matter. I believe that if enough effort and time is put into it, there is a good chance we could see such a thing in 5-7 years.

After that, we might be able to target the binary blobs, the proprietary firmware. Those might have some legal issues, of course. But as long as it is used only to write a FOSS alternative, that probably won't be an issue, I think.