bug fixed

INFO/changelog.json

@@ -4,5 +4,11 @@
         "changes": [
             "De4py released"
         ]
+    },
+    {
+        "version": "1.0.1",
+        "changes": [
+            "bug fixed for BlankOBF deobfuscator"
+        ]
     }
 ]

INFO/version

@@ -1 +1 @@
-V1.0
+V1.0.1

deobfuscators/blankOBF.py

@@ -15,7 +15,12 @@ def disasm(text):
     original_stdout = sys.stdout
     try:
         sys.stdout = disassembly_output
-        dis.dis(marshal.loads(base64.b64decode(codecs.decode(variable_list[0][1], 'rot13')+variable_list[2][1]+variable_list[3][1][::-1]+variable_list[1][1])))
+        marshal_code=(base64.b64decode(codecs.decode(variable_list[0][1], 'rot13')+variable_list[2][1]+variable_list[3][1][::-1]+variable_list[1][1]))
+        try:
+            dis.dis(marshal.loads(marshal_code))
+        except:
+            print("failed to dis marshal code so heres the marshal code only:\n")
+            print(marshal_code)
     finally:
         sys.stdout = original_stdout
     disassembly_text = disassembly_output.getvalue()

deobfuscators/detector.py

@@ -8,7 +8,7 @@
     ("PlusOBF",r"exec\(\"\"\.join\(\[chr\(len\(i\)\) for i in d\]\)\)",PlusOBF),
     ('jawbreaker', r'([a-zA-Z_]\w{3})\s*=\s*([^;]+);', jawbreaker),
     ("wodx", r'(?:__NO_NO){23}', wodx),
-    ("BlankOBF", r"import base64, lzma; exec\(compile\(lzma\.decompress\(base64\.b64decode\(b'([A-Za-z0-9+/=]+)'\)\), \"<string>\", \"exec\"\)\)", BlankOBF),
+    ("BlankOBF", r"import\s*base64,\s*lzma;\s*exec\(compile\(lzma\.decompress\(base64\.b64decode\(b'([A-Za-z0-9+/=]+)'\)\)\s*,\s*\"<string>\"\s*,\s*\"exec\"\)\)", BlankOBF),
 ]
 def detect_obfuscator(file_path):
     file_data = open(file_path,'r',encoding='utf8').read()