0pepsi/Jinzear
GitHub: 0pepsi/Jinzear
A deobfuscation tool that restores Fate/Z-obfuscated Lua 5.1 bytecode from MiWiFi firmware to the standard format.
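## Fate/Z Lua bytecode deobfuscator for MiWiFi firmware
- Converts Fate/Z-obfuscated Lua 5.1 bytecode back to standard Lua 5.1 bytecode so that it can be processed by unluac, luadec, or luac -l.
## Differences between the Fate/Z format and standard Lua 5.1: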
```
- Magic: \x1bFate/Z\x1b (8 bytes) instead of \x1bLua (4 bytes)
- Header: 16 bytes total (8 magic + version + format + endian + sizeof fields + extra byte)
- No LUAC_NUM test number after header
- String type tag: 0x07 instead of 0x04
- Boolean type tag: 0x04 instead of 0x01
- Number type tag (double): 0x06 instead of 0x03
- Nil type tag: 0x03 (alternate nil, no payload) in addition to 0x00
- Integer type tag: 0x0c (extension, 4-byte LE int32)
- String constants XOR-encrypted (key = last byte of encrypted string)
- Source name and debug info name strings: only the size field is stored,
  no data bytes follow (names are stripped from the bytecode)
- Function header field order differs from standard Lua 5.1:
    Standard: source, linedefined, lastlinedefined, nups, numparams, is_vararg, maxstacksize
    Fate/Z:   nups, source, numparams, linedefined, is_vararg, lastlinedefined, maxstacksize
    (interleaves DumpChar and DumpInt calls differently)
- Opcodes are permuted (42-slot table mapped to standard 38 opcodes)
- LEN opcode uses C field (non-standard; cleared during conversion)
- LOADNIL uses standard encoding (A=start, B=end, B >= A)
- Three comparison opcodes (EQ, LT, LE) have duplicate encodings
- nups field in function headers is zeroed (obfuscation)
```
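The function-header reordering from the list above, as an added Python example (not code from the Jinzear repository). It assumes 1-byte char fields, 4-byte little-endian `int` and `size_t`, and that the main function's header starts right after the 16-byte file header; all function and variable names are hypothetical and the sample bytes are constructed.

```python
import struct

FATEZ_MAGIC = b"\x1bFate/Z\x1b"  # 8-byte magic, per the list above
FATEZ_HEADER_LEN = 16            # total file header size, per the list above
# Fate/Z order: nups, source size, numparams, linedefined, is_vararg,
# lastlinedefined, maxstacksize. Field widths are an assumption.
FATEZ_FUNC = struct.Struct("<BIBiBiB")
# Standard Lua 5.1 order: source size, linedefined, lastlinedefined,
# nups, numparams, is_vararg, maxstacksize.
STD_FUNC = struct.Struct("<IiiBBBB")

def read_fatez_func_header(blob, off):
    """Return (fields, next_offset) for the function header at blob[off:]."""
    if len(blob) - off < FATEZ_FUNC.size:
        raise ValueError("truncated function header")
    nups, _src_size, numparams, linedef, vararg, lastline, maxstack = \
        FATEZ_FUNC.unpack_from(blob, off)
    # Only the size of the source name is stored and no name bytes follow,
    # so the next field starts immediately and the size is discarded.
    fields = {"nups": nups, "numparams": numparams, "linedefined": linedef,
              "is_vararg": vararg, "lastlinedefined": lastline,
              "maxstacksize": maxstack}
    return fields, off + FATEZ_FUNC.size

def write_std_func_header(f):
    """Serialize the fields in standard Lua 5.1 order."""
    # Source size 0 encodes an absent string: the name was stripped.
    # nups is copied through unchanged (Fate/Z stores it zeroed).
    return STD_FUNC.pack(0, f["linedefined"], f["lastlinedefined"],
                         f["nups"], f["numparams"], f["is_vararg"],
                         f["maxstacksize"])

def convert_main_func_header(blob):
    """Check the magic, skip the file header, reorder the first header."""
    if not blob.startswith(FATEZ_MAGIC):
        raise ValueError("not a Fate/Z chunk")
    if len(blob) < FATEZ_HEADER_LEN:
        raise ValueError("truncated file header")
    fields, _ = read_fatez_func_header(blob, FATEZ_HEADER_LEN)
    return write_std_func_header(fields)

# Constructed sample: magic, 8 header bytes not interpreted here, then
# nups=0, source size=12, numparams=2, linedefined=10, is_vararg=0,
# lastlinedefined=25, maxstacksize=8.
SAMPLE = FATEZ_MAGIC + bytes(8) + FATEZ_FUNC.pack(0, 12, 2, 10, 0, 25, 8)
```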
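Author: 0xmadvise
Tags: DAST, Deobfuscator, Fate/Z, IoT security, Lua 5.1, Lua deobfuscation, MiWiFi firmware, opcode restoration, rizin, XOR decryption, binary analysis, cloud security operations, cloud asset inventory, firmware decryption, bytecode restoration, Xiaomi router, embedded security, weak password detection, malware analysis, deobfuscation, router security, reverse engineering tools, reverse engineering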