Lysis: An experimental .smx decompiler
I have been working on an experimental decompiler for compiled .smx files. I don't have much experience in this area, so this is largely a hodgepodge of various things I've learned over the past few years.
Disclaimer: This is not intended for general use. It is not a replacement for source code. It usually does not produce something that can compile. I don't have time to support it or decompile plugins on request. This is for people interested in reverse engineering technology.

I've attached the results of decompiling "ucp.smx", a closed-source anti-cheat plugin which is violating the SourceMod license. In the past, closed-source plugins have often either been bogus or contained malicious backdoors. This tool can help combat that by exposing somewhat readable text for a .smx file. I have not checked ucp.smx for backdoors, but anyone running this plugin can now inspect it for themselves. (Yes, I contacted the authors; they were unwilling to work with us.)

The decompiler is called "Lysis", and is written in C#. The source is available here: http://hg.alliedmods.net/users/dvand...ods.net/lysis/

Technical Details

The decompiler starts by decompressing and extracting each section of the .smx file. These are sections like the list of exported functions, and the compiled instruction stream. The instruction stream is then transformed into a low-level IR (LIR) on a per-function basis. Jump instructions and their targets are used to compute a control-flow graph. A number of analyses then take place on the CFG: a dominator tree is computed, and the boundaries and nesting of loops are computed.

Pawn is basically a stack machine and LIR is pretty inconvenient. Originally Lysis went from LIR to an expression tree, but expression trees are difficult to analyze. Now, we transform LIR to an SSA-form IR. This IR has a lot more information, like an embedded dataflow graph. For example, it is trivial to find all IR nodes that use another IR node, and thus it is trivial to rewrite the graph as we discover new information.

Pawn is really low-level, so even with SSA, it is pretty tricky to analyze. Some examples:
The original goal of the decompiler was to continue working even in the presence of highly obfuscated binaries. By now, it's reached a tradeoff where it does a lot of pattern matching but also uses flexible analysis phases. However, there are still significant challenges I haven't figured out (and probably won't). Hopefully though, it has enough interesting stuff to be, at least, of educational value.
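The CFG, dominator and loop analyses described in the post above, as an added example that is not part of the original post and is not Lysis code (Lysis is C#; this is Python). The toy instruction stream and its opcode names are constructed for illustration and are not the real Pawn encoding.

```python
# Constructed toy bytecode, one (opcode, operand) per index. Opcode names are
# illustrative placeholders, not the real Pawn/SMX instruction encoding.
CODE = [("const", 0), ("jzer", 8),   # 0: entry, 1: outer loop test
        ("const", 1), ("jzer", 6),   # 3: inner loop test
        ("add", None), ("jump", 3),  # 5: inner back edge
        ("add", None), ("jump", 1), ("retn", None)]  # 7: outer back edge

def build_cfg(code):
    """Split into basic blocks at jump targets and after jumps: {leader: successors}."""
    jumps = ("jump", "jzer")
    leaders = {0} | {t for pc, (op, arg) in enumerate(code) if op in jumps
                     for t in (arg, pc + 1) if t < len(code)}
    order = sorted(leaders) + [len(code)]
    cfg = {}
    for start, end in zip(order, order[1:]):
        op, arg = code[end - 1]                 # last instruction of the block
        cfg[start] = [arg] if op in jumps else []
        if op not in ("jump", "retn") and end < len(code):
            cfg[start].append(end)              # fall through to the next block
    return cfg

def dominators(cfg, entry=0):
    """Iterate dom(n) = {n} | intersection of dom(p) over predecessors p to a fixpoint."""
    preds = {n: [p for p in cfg if n in cfg[p]] for n in cfg}
    dom = {n: {entry} if n == entry else set(cfg) for n in cfg}
    changed = True
    while changed:
        changed = False
        for n in cfg.keys() - {entry}:
            ps = [dom[p] for p in preds[n]]     # empty for unreachable blocks
            new = {n} | (set.intersection(*ps) if ps else set())
            if new != dom[n]:
                dom[n], changed = new, True
    return dom, preds

def natural_loops(cfg):
    """Edge u->h is a back edge when h dominates u; walk predecessors from u up to h."""
    dom, preds = dominators(cfg)
    loops = {}
    for u in cfg:
        for h in cfg[u]:
            if h in dom[u]:
                body, work = loops.setdefault(h, {h}), [u]
                while work:
                    n = work.pop()
                    if n not in body:
                        body.add(n)
                        work.extend(preds[n])
    return loops
```

Loop nesting falls out of set containment: a loop whose body is a proper subset of another loop's body is nested inside it.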
Re: Lysis: An experimental .smx decompiler
Looking at the decompiled example right now, this is really amazing :shock:
Re: Lysis: An experimental .smx decompiler
BAILOPAN, you stupid noob, I explained that if the code is open source, any cheater will be able to write an emulator for the anti-cheat. If your goals were noble, you would have checked for malware yourself, and if you had found a backdoor, you would then have posted the source code.
Re: Lysis: An experimental .smx decompiler
Endi, your right to use and distribute SourceMod or works based on SourceMod was revoked the instant you violated our license - which you are continuing to do.
If you don't like the license, don't use SourceMod. Don't complain that you're not allowed to break the law or the spirit of our community (and don't think I didn't notice that you copied and pasted other people's GPL'd code into your plugin).
Re: Lysis: An experimental .smx decompiler
BAILOPAN, and? Did you find a backdoor? :) Do not hide behind noble aspirations; you just took revenge for the code not being open source.
My project, like yours, is free; unlike you, I do not accept donations. Why do you want so badly to hurt my project?
Re: Lysis: An experimental .smx decompiler
Endi - it is obvious why I posted the source code. Your feelings about your project are irrelevant. You have violated our license, and taken advantage of our community's hard work and good faith. I contacted you multiple times about this.
If you don't want to obey our license, don't use SourceMod, and don't take advantage of our work. (And, I have no intention of analyzing your source code. However, legitimate users of SourceMod have the right to, and this tool helps ensure that right.)
Re: Lysis: An experimental .smx decompiler
If you can't write code that is secure even after the source is inspected, you should learn to write better code.
If you can't follow the license for someone else's code, then you can't use it freely.
Re: Lysis: An experimental .smx decompiler
Arguably the two best anti-cheat plugins, KAC and SMAC both are open source, and all the better for it.
Re: Lysis: An experimental .smx decompiler
A new version was posted to the site; here is the Lysis result.
Re: Lysis: An experimental .smx decompiler
Before you willingly violate the SourceMod license, perhaps you should educate yourself on the GPL. Some kind folks have translated the GPLv3 (the license that SourceMod uses) to Russian so I hope it can help you understand it: http://code.google.com/p/gpl3rus/wiki/LatestRelease