Explore all Reverse Engineering open source software, libraries, packages, source code, cloud functions and APIs.

Popular New Releases in Reverse Engineering

ghidra

Ghidra 10.1.2

radare2

5.6.8 - codename: remora

ILSpy

ILSpy 8.0 Preview 1

bytecode-viewer

2.11.1 - Bug Fixes

ImHex

Yara console module, type forward declarations, default parameters and tons of bug fixes

Popular Libraries in Reverse Engineering

ghidra

by NationalSecurityAgency doticonjavadoticon

star image 32169 doticonApache-2.0

Ghidra is a software reverse engineering (SRE) framework

radare2

by radareorg doticoncdoticon

star image 16118 doticonLGPL-3.0

UNIX-like reverse engineering framework and command-line toolset

ILSpy

by icsharpcode doticoncsharpdoticon

star image 14846 doticon

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

bytecode-viewer

by Konloch doticonjavadoticon

star image 12765 doticonGPL-3.0

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

ImHex

by WerWolv doticonc++doticon

star image 12561 doticonGPL-2.0

๐Ÿ” A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

ish

by ish-app doticoncdoticon

star image 11752 doticonNOASSERTION

Linux shell for iOS

cutter

by rizinorg doticonc++doticon

star image 11133 doticonGPL-3.0

Free and Open Source Reverse Engineering Platform powered by rizin

frida

by frida doticonpythondoticon

star image 9541 doticonNOASSERTION

Clone this repo to build Frida

Mirai-Source-Code

by jgamblin doticoncdoticon

star image 6899 doticonGPL-3.0

Leaked Mirai Source Code for Research/IoC Development Purposes

Trending New libraries in Reverse Engineering

ImHex

by WerWolv doticonc++doticon

star image 12561 doticonGPL-2.0

๐Ÿ” A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

capa

by mandiant doticonpythondoticon

star image 2152 doticonApache-2.0

The FLARE team's open-source tool to identify capabilities in executable files.

corona

by geohot doticonpythondoticon

star image 1920 doticon

Reverse engineering SARS-CoV-2

capa

by fireeye doticonpythondoticon

star image 1645 doticonApache-2.0

The FLARE team's open-source tool to identify capabilities in executable files.

SpaceCadetPinball

by k4zmu2a doticonc++doticon

star image 1404 doticonMIT

Decompilation of 3D Pinball for Windows โ€“ Space Cadet

CobaltStrike

by Freakboy doticonjavadoticon

star image 1373 doticon

CobaltStrike's source code

rizin

by rizinorg doticoncdoticon

star image 1343 doticonLGPL-3.0

UNIX-like reverse engineering framework and command-line toolset.

pe_tree

by blackberry doticonpythondoticon

star image 1126 doticonApache-2.0

Python module for viewing Portable Executable (PE) files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro and Rekall to dump in-memory PE files and reconstruct imports.

APKLab

by APKLab doticontypescriptdoticon

star image 1018 doticonAGPL-3.0

Android Reverse-Engineering Workbench for VS Code

Top Authors in Reverse Engineering

1

radareorg

11 Libraries

star icon18061

2

gdbinit

10 Libraries

star icon2615

3

nihilus

9 Libraries

star icon96

4

GrammaTech

8 Libraries

star icon644

5

extremecoders-re

8 Libraries

star icon838

6

iGio90

7 Libraries

star icon1218

7

simontime

7 Libraries

star icon61

8

fireeye

7 Libraries

star icon5396

9

horsicq

7 Libraries

star icon5134

10

gibbed

6 Libraries

star icon140

1

11 Libraries

star icon18061

2

10 Libraries

star icon2615

3

9 Libraries

star icon96

4

8 Libraries

star icon644

5

8 Libraries

star icon838

6

7 Libraries

star icon1218

7

7 Libraries

star icon61

8

7 Libraries

star icon5396

9

7 Libraries

star icon5134

10

6 Libraries

star icon140

Trending Kits in Reverse Engineering

No Trending Kits are available at this moment for Reverse Engineering

Trending Discussions on Reverse Engineering

MySQL first database creation

Php array to pow numbers revers function problem

Translating C# to PowerShell

How to obfuscate Kotlin properties with R8?

How to download a file using Python requests, when that file is being served with redirect?

Time-dependent, repeatable pseudo-random number

Selecting random radio button using JavaScript

How to securely store a hardcoded API key on Android?

Reverse engineering .proto files from pb2.py generated with protoc

Flutter is it meaningless to upload debug symbols on obfuscating?

QUESTION

MySQL first database creation

Asked 2022-Mar-26 at 19:18

I need to create a database for employees that stores information about their names, salaries, salary status, dates, and messages between the employees. At least 3 users are needed. Foreign keys and an ER diagram. Can I go about creating this database by creating tables, importing data thru code and then just create a diagram by reverse engineering. I have no clue. My main concern is whether it is enough to only use tables or is there more to it? I'm completely new to MySQL and I hope some of you can help me out.

ANSWER

Answered 2022-Mar-26 at 19:18

If you are using phpmyadmin, you can easily create a database and tables. or if you want to create by code you can use like,

CREATE DATABASE databasename;

and table will be created by like,

1CREATE TABLE employees (
2column1 datatype,
3column2 datatype,
4column3 datatype,
5....
6 );
7

Source https://stackoverflow.com/questions/71631063

QUESTION

Php array to pow numbers revers function problem

Asked 2022-Mar-18 at 14:41
1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58

When I run the code above, I convert 24 sample data into a folded number and print it. Then when I want to call the numbers from the database and convert them back to strings, some of them seem wrong.

Result:

1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58OriginalData - AGGR [30] - ReversData - NOMOVE,COWARD,NOATTSHINSU,NOATTCHUNJO [30]
59OriginalData - AGGR,BERSERK [129] - ReversData - AGGR,BERSERK [129]
60OriginalData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - ReversData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
61OriginalData - AGGR,BERSERK,STONESKIN [385] - ReversData - AGGR,BERSERK,STONESKIN [385]
62OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
63OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
64OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
65OriginalData - AGGR,DEATHBLOW [1025] - ReversData - AGGR,DEATHBLOW [1025]
66OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
67OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
68OriginalData - AGGR,NOATTCHUNJO [17] - ReversData - AGGR,NOATTCHUNJO [17]
69OriginalData - AGGR,NOATTJINNO [33] - ReversData - AGGR,NOATTJINNO [33]
70OriginalData - AGGR,NOATTSHINSU [9] - ReversData - AGGR,NOATTSHINSU [9]
71OriginalData - AGGR,NOMOVE [3] - ReversData - AGGR,NOMOVE [3]
72OriginalData - AGGR,REVIVE [2049] - ReversData - AGGR,REVIVE [2049]
73OriginalData - AGGR,STONESKIN [257] - ReversData - AGGR,STONESKIN [257]
74OriginalData - BERSERK [3840] - ReversData - STONESKIN,GODSPEED,DEATHBLOW,REVIVE [3840]
75OriginalData - BERSERK,STONESKIN [384] - ReversData - BERSERK,STONESKIN [384]
76OriginalData - COWARD [120] - ReversData - NOATTSHINSU,NOATTCHUNJO,NOATTJINNO,ATTMOB [120]
77OriginalData - NOMOVE [60] - ReversData - COWARD,NOATTSHINSU,NOATTCHUNJO,NOATTJINNO [60]
78OriginalData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - ReversData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
79OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
80OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
81OriginalData - REVIVE [61440] - ReversData - NONE [0]
82

Reverse engineering is required. There is a problem with the number 30 in the aiflag2array function.

The array2aiflag function should not be modified. aiflag2array needs to be edited.

I would appreciate it if you could help me fix it. thanks.

ANSWER

Answered 2022-Mar-18 at 14:41

OK, I thought this was a nice thing to work on. I must say that I miss the context, I have no idea what this will be used for. Context is important for understanding the code. I assume it is some kind of game?

The first thing to do is to get the array definitions out of the way:

1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58OriginalData - AGGR [30] - ReversData - NOMOVE,COWARD,NOATTSHINSU,NOATTCHUNJO [30]
59OriginalData - AGGR,BERSERK [129] - ReversData - AGGR,BERSERK [129]
60OriginalData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - ReversData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
61OriginalData - AGGR,BERSERK,STONESKIN [385] - ReversData - AGGR,BERSERK,STONESKIN [385]
62OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
63OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
64OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
65OriginalData - AGGR,DEATHBLOW [1025] - ReversData - AGGR,DEATHBLOW [1025]
66OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
67OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
68OriginalData - AGGR,NOATTCHUNJO [17] - ReversData - AGGR,NOATTCHUNJO [17]
69OriginalData - AGGR,NOATTJINNO [33] - ReversData - AGGR,NOATTJINNO [33]
70OriginalData - AGGR,NOATTSHINSU [9] - ReversData - AGGR,NOATTSHINSU [9]
71OriginalData - AGGR,NOMOVE [3] - ReversData - AGGR,NOMOVE [3]
72OriginalData - AGGR,REVIVE [2049] - ReversData - AGGR,REVIVE [2049]
73OriginalData - AGGR,STONESKIN [257] - ReversData - AGGR,STONESKIN [257]
74OriginalData - BERSERK [3840] - ReversData - STONESKIN,GODSPEED,DEATHBLOW,REVIVE [3840]
75OriginalData - BERSERK,STONESKIN [384] - ReversData - BERSERK,STONESKIN [384]
76OriginalData - COWARD [120] - ReversData - NOATTSHINSU,NOATTCHUNJO,NOATTJINNO,ATTMOB [120]
77OriginalData - NOMOVE [60] - ReversData - COWARD,NOATTSHINSU,NOATTCHUNJO,NOATTJINNO [60]
78OriginalData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - ReversData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
79OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
80OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
81OriginalData - REVIVE [61440] - ReversData - NONE [0]
82$states = ["AGGR",
83           "NOMOVE",
84           "COWARD",
85           "NOATTSHINSU",
86            "NOATTCHUNJO",
87           "NOATTJINNO",
88           "ATTMOB",
89           "BERSERK",
90           "STONESKIN",
91           "GODSPEED",
92           "DEATHBLOW",
93           "REVIVE"];
94
95$samples = ["AGGR",
96            "AGGR,BERSERK",
97            "AGGR,BERSERK,DEATHBLOW,REVIVE",
98            "AGGR,BERSERK,STONESKIN",
99            "AGGR,BERSERK,STONESKIN,DEATHBLOW",
100            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
101            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
102            "AGGR,DEATHBLOW",
103            "AGGR,GODSPEED",
104            "AGGR,GODSPEED",
105            "AGGR,NOATTCHUNJO",
106            "AGGR,NOATTJINNO",
107            "AGGR,NOATTSHINSU",
108            "AGGR,NOMOVE",
109            "AGGR,REVIVE",
110            "AGGR,STONESKIN",
111            "BERSERK",
112            "BERSERK,STONESKIN",
113            "COWARD",
114            "NOMOVE",
115            "AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW",
116            "NOMOVE,STONESKIN",
117            "NOMOVE,STONESKIN",
118            "REVIVE"];
119

I used $states and $samples. You can change these names, of course. What is important is that you don't make your lines to long, no longer than 80 - 100 characters.

Next is the code for the conversion from, what I call flags, to states and the other way around:

1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58OriginalData - AGGR [30] - ReversData - NOMOVE,COWARD,NOATTSHINSU,NOATTCHUNJO [30]
59OriginalData - AGGR,BERSERK [129] - ReversData - AGGR,BERSERK [129]
60OriginalData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - ReversData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
61OriginalData - AGGR,BERSERK,STONESKIN [385] - ReversData - AGGR,BERSERK,STONESKIN [385]
62OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
63OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
64OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
65OriginalData - AGGR,DEATHBLOW [1025] - ReversData - AGGR,DEATHBLOW [1025]
66OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
67OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
68OriginalData - AGGR,NOATTCHUNJO [17] - ReversData - AGGR,NOATTCHUNJO [17]
69OriginalData - AGGR,NOATTJINNO [33] - ReversData - AGGR,NOATTJINNO [33]
70OriginalData - AGGR,NOATTSHINSU [9] - ReversData - AGGR,NOATTSHINSU [9]
71OriginalData - AGGR,NOMOVE [3] - ReversData - AGGR,NOMOVE [3]
72OriginalData - AGGR,REVIVE [2049] - ReversData - AGGR,REVIVE [2049]
73OriginalData - AGGR,STONESKIN [257] - ReversData - AGGR,STONESKIN [257]
74OriginalData - BERSERK [3840] - ReversData - STONESKIN,GODSPEED,DEATHBLOW,REVIVE [3840]
75OriginalData - BERSERK,STONESKIN [384] - ReversData - BERSERK,STONESKIN [384]
76OriginalData - COWARD [120] - ReversData - NOATTSHINSU,NOATTCHUNJO,NOATTJINNO,ATTMOB [120]
77OriginalData - NOMOVE [60] - ReversData - COWARD,NOATTSHINSU,NOATTCHUNJO,NOATTJINNO [60]
78OriginalData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - ReversData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
79OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
80OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
81OriginalData - REVIVE [61440] - ReversData - NONE [0]
82$states = ["AGGR",
83           "NOMOVE",
84           "COWARD",
85           "NOATTSHINSU",
86            "NOATTCHUNJO",
87           "NOATTJINNO",
88           "ATTMOB",
89           "BERSERK",
90           "STONESKIN",
91           "GODSPEED",
92           "DEATHBLOW",
93           "REVIVE"];
94
95$samples = ["AGGR",
96            "AGGR,BERSERK",
97            "AGGR,BERSERK,DEATHBLOW,REVIVE",
98            "AGGR,BERSERK,STONESKIN",
99            "AGGR,BERSERK,STONESKIN,DEATHBLOW",
100            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
101            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
102            "AGGR,DEATHBLOW",
103            "AGGR,GODSPEED",
104            "AGGR,GODSPEED",
105            "AGGR,NOATTCHUNJO",
106            "AGGR,NOATTJINNO",
107            "AGGR,NOATTSHINSU",
108            "AGGR,NOMOVE",
109            "AGGR,REVIVE",
110            "AGGR,STONESKIN",
111            "BERSERK",
112            "BERSERK,STONESKIN",
113            "COWARD",
114            "NOMOVE",
115            "AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW",
116            "NOMOVE,STONESKIN",
117            "NOMOVE,STONESKIN",
118            "REVIVE"];
119function states2flags($userStates, $allStates)
120{
121    $userFlags = 0;
122    $bit = 1;
123    foreach ($allStates as $state) {
124        if (in_array($state, $userStates)) {
125           $userFlags += $bit;
126        }
127        $bit <<= 1;
128    }
129    return $userFlags;
130}
131
132function flags2states($userFlags, $allStates)
133{
134    $userStates = [];
135    $bit = 1;
136    foreach ($allStates as $state) {
137        if ($userFlags & $bit) {
138           $userStates[] = $state;
139        }
140        $bit <<= 1;
141    }
142    return $userStates;
143}
144

The only special thing in here is the Bitwise Assignment Operator. No pow() is needed for working with powers of two.

Every function parameter is an array, this is intentional. It clearly is intended as an array, so why use strings? Alternatively you could choose to only work with strings, but don't mix arrays and strings, it is confusing.

I kept most of your test code, although the names have changed:

1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58OriginalData - AGGR [30] - ReversData - NOMOVE,COWARD,NOATTSHINSU,NOATTCHUNJO [30]
59OriginalData - AGGR,BERSERK [129] - ReversData - AGGR,BERSERK [129]
60OriginalData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - ReversData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
61OriginalData - AGGR,BERSERK,STONESKIN [385] - ReversData - AGGR,BERSERK,STONESKIN [385]
62OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
63OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
64OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
65OriginalData - AGGR,DEATHBLOW [1025] - ReversData - AGGR,DEATHBLOW [1025]
66OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
67OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
68OriginalData - AGGR,NOATTCHUNJO [17] - ReversData - AGGR,NOATTCHUNJO [17]
69OriginalData - AGGR,NOATTJINNO [33] - ReversData - AGGR,NOATTJINNO [33]
70OriginalData - AGGR,NOATTSHINSU [9] - ReversData - AGGR,NOATTSHINSU [9]
71OriginalData - AGGR,NOMOVE [3] - ReversData - AGGR,NOMOVE [3]
72OriginalData - AGGR,REVIVE [2049] - ReversData - AGGR,REVIVE [2049]
73OriginalData - AGGR,STONESKIN [257] - ReversData - AGGR,STONESKIN [257]
74OriginalData - BERSERK [3840] - ReversData - STONESKIN,GODSPEED,DEATHBLOW,REVIVE [3840]
75OriginalData - BERSERK,STONESKIN [384] - ReversData - BERSERK,STONESKIN [384]
76OriginalData - COWARD [120] - ReversData - NOATTSHINSU,NOATTCHUNJO,NOATTJINNO,ATTMOB [120]
77OriginalData - NOMOVE [60] - ReversData - COWARD,NOATTSHINSU,NOATTCHUNJO,NOATTJINNO [60]
78OriginalData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - ReversData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
79OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
80OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
81OriginalData - REVIVE [61440] - ReversData - NONE [0]
82$states = ["AGGR",
83           "NOMOVE",
84           "COWARD",
85           "NOATTSHINSU",
86            "NOATTCHUNJO",
87           "NOATTJINNO",
88           "ATTMOB",
89           "BERSERK",
90           "STONESKIN",
91           "GODSPEED",
92           "DEATHBLOW",
93           "REVIVE"];
94
95$samples = ["AGGR",
96            "AGGR,BERSERK",
97            "AGGR,BERSERK,DEATHBLOW,REVIVE",
98            "AGGR,BERSERK,STONESKIN",
99            "AGGR,BERSERK,STONESKIN,DEATHBLOW",
100            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
101            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
102            "AGGR,DEATHBLOW",
103            "AGGR,GODSPEED",
104            "AGGR,GODSPEED",
105            "AGGR,NOATTCHUNJO",
106            "AGGR,NOATTJINNO",
107            "AGGR,NOATTSHINSU",
108            "AGGR,NOMOVE",
109            "AGGR,REVIVE",
110            "AGGR,STONESKIN",
111            "BERSERK",
112            "BERSERK,STONESKIN",
113            "COWARD",
114            "NOMOVE",
115            "AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW",
116            "NOMOVE,STONESKIN",
117            "NOMOVE,STONESKIN",
118            "REVIVE"];
119function states2flags($userStates, $allStates)
120{
121    $userFlags = 0;
122    $bit = 1;
123    foreach ($allStates as $state) {
124        if (in_array($state, $userStates)) {
125           $userFlags += $bit;
126        }
127        $bit <<= 1;
128    }
129    return $userFlags;
130}
131
132function flags2states($userFlags, $allStates)
133{
134    $userStates = [];
135    $bit = 1;
136    foreach ($allStates as $state) {
137        if ($userFlags & $bit) {
138           $userStates[] = $state;
139        }
140        $bit <<= 1;
141    }
142    return $userStates;
143}
144foreach($samples as $sample) {
145    $sampleStates  = explode(",", $sample);
146    $sampleFlags   = states2flags($sampleStates, $states);
147    $reverseStates = flags2states($sampleFlags, $states);
148    $reverseFlags  = states2flags($reverseStates, $states);
149    $textColor = (count(array_diff($sampleStates, $reverseStates)) > 0) ? "red" : "green";
150    echo '<a class="' . $textColor . '">' . $textColor . ' Original Data - <b>' . $sample .
151         ' [' . $sampleFlags . ']</b> - Reverse Data - <b>' .
152         implode(",", flags2states($sampleFlags, $states)) . ' ['.$reverseFlags. ']</b><br>';
153}
154

The output is:

1<style>
2.red{color:red;}
3.green{color:green;}
4</style>
5<?php
6function array2aiflag($inputString){
7    $arAIFlag = ["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
8    $retValue = 0;
9    $arInputString = explode(",",$inputString);
10    for($i=0;$i<sizeof($arAIFlag);$i++) {
11        $tempString = $arAIFlag[$i];
12        for ($j=0;$j<30;$j++){
13            if(isset($arInputString[$j])){
14                    $tempString2 = $arInputString[$j];
15            }else{
16                $tempString2 = $inputString;
17            }
18            if(strcmp($tempString2,$tempString) == 0){
19                $retValue+=pow(2,$i);
20            }           
21            if(strcmp($tempString2,"") == 0){
22                break;
23            }
24        }
25    }
26    unset($arInputString);
27    return $retValue;
28}
29function aiflag2array($flag,$target=[],$str=""){
30    $tar=["AGGR","NOMOVE","COWARD","NOATTSHINSU","NOATTCHUNJO","NOATTJINNO","ATTMOB","BERSERK","STONESKIN","GODSPEED","DEATHBLOW","REVIVE"];
31    for($x=0;$x<count($tar);$x++){
32        $target[pow(2,$x)]=$tar[$x];
33    }   
34    for($i=count($tar)-1;$i>-1;$i--){
35        $pow = pow(2, $i);
36        if($pow < $flag){
37            $str = ",".$target[$pow].$str;
38            $flag = $flag-$pow;
39        }elseif($pow == $flag){
40            return "".$target[$pow].$str;
41        }
42    }
43    return "NONE";
44}
45
46
47$sample=["AGGR","AGGR,BERSERK","AGGR,BERSERK,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN","AGGR,BERSERK,STONESKIN,DEATHBLOW","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE","AGGR,DEATHBLOW","AGGR,GODSPEED","AGGR,GODSPEED","AGGR,NOATTCHUNJO","AGGR,NOATTJINNO","AGGR,NOATTSHINSU","AGGR,NOMOVE","AGGR,REVIVE","AGGR,STONESKIN","BERSERK","BERSERK,STONESKIN","COWARD","NOMOVE","AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW","NOMOVE,STONESKIN","NOMOVE,STONESKIN","REVIVE"];
48foreach($sample as $k=>$v){
49    $no1=array2aiflag($v);
50    $no2=array2aiflag(aiflag2array($no1));
51    if($v != aiflag2array($no1)){
52        echo '<a class="red"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
53    }else{      
54        echo '<a class="green"> OriginalData - <b>'.$v.' ['.$no1.']</b> - ReversData - <b>'.aiflag2array($no1).' ['.$no2.']</b><br>';
55    }
56}
57?>
58OriginalData - AGGR [30] - ReversData - NOMOVE,COWARD,NOATTSHINSU,NOATTCHUNJO [30]
59OriginalData - AGGR,BERSERK [129] - ReversData - AGGR,BERSERK [129]
60OriginalData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - ReversData - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
61OriginalData - AGGR,BERSERK,STONESKIN [385] - ReversData - AGGR,BERSERK,STONESKIN [385]
62OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
63OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
64OriginalData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - ReversData - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
65OriginalData - AGGR,DEATHBLOW [1025] - ReversData - AGGR,DEATHBLOW [1025]
66OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
67OriginalData - AGGR,GODSPEED [513] - ReversData - AGGR,GODSPEED [513]
68OriginalData - AGGR,NOATTCHUNJO [17] - ReversData - AGGR,NOATTCHUNJO [17]
69OriginalData - AGGR,NOATTJINNO [33] - ReversData - AGGR,NOATTJINNO [33]
70OriginalData - AGGR,NOATTSHINSU [9] - ReversData - AGGR,NOATTSHINSU [9]
71OriginalData - AGGR,NOMOVE [3] - ReversData - AGGR,NOMOVE [3]
72OriginalData - AGGR,REVIVE [2049] - ReversData - AGGR,REVIVE [2049]
73OriginalData - AGGR,STONESKIN [257] - ReversData - AGGR,STONESKIN [257]
74OriginalData - BERSERK [3840] - ReversData - STONESKIN,GODSPEED,DEATHBLOW,REVIVE [3840]
75OriginalData - BERSERK,STONESKIN [384] - ReversData - BERSERK,STONESKIN [384]
76OriginalData - COWARD [120] - ReversData - NOATTSHINSU,NOATTCHUNJO,NOATTJINNO,ATTMOB [120]
77OriginalData - NOMOVE [60] - ReversData - COWARD,NOATTSHINSU,NOATTCHUNJO,NOATTJINNO [60]
78OriginalData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - ReversData - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
79OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
80OriginalData - NOMOVE,STONESKIN [258] - ReversData - NOMOVE,STONESKIN [258]
81OriginalData - REVIVE [61440] - ReversData - NONE [0]
82$states = ["AGGR",
83           "NOMOVE",
84           "COWARD",
85           "NOATTSHINSU",
86            "NOATTCHUNJO",
87           "NOATTJINNO",
88           "ATTMOB",
89           "BERSERK",
90           "STONESKIN",
91           "GODSPEED",
92           "DEATHBLOW",
93           "REVIVE"];
94
95$samples = ["AGGR",
96            "AGGR,BERSERK",
97            "AGGR,BERSERK,DEATHBLOW,REVIVE",
98            "AGGR,BERSERK,STONESKIN",
99            "AGGR,BERSERK,STONESKIN,DEATHBLOW",
100            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
101            "AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE",
102            "AGGR,DEATHBLOW",
103            "AGGR,GODSPEED",
104            "AGGR,GODSPEED",
105            "AGGR,NOATTCHUNJO",
106            "AGGR,NOATTJINNO",
107            "AGGR,NOATTSHINSU",
108            "AGGR,NOMOVE",
109            "AGGR,REVIVE",
110            "AGGR,STONESKIN",
111            "BERSERK",
112            "BERSERK,STONESKIN",
113            "COWARD",
114            "NOMOVE",
115            "AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW",
116            "NOMOVE,STONESKIN",
117            "NOMOVE,STONESKIN",
118            "REVIVE"];
119function states2flags($userStates, $allStates)
120{
121    $userFlags = 0;
122    $bit = 1;
123    foreach ($allStates as $state) {
124        if (in_array($state, $userStates)) {
125           $userFlags += $bit;
126        }
127        $bit <<= 1;
128    }
129    return $userFlags;
130}
131
132function flags2states($userFlags, $allStates)
133{
134    $userStates = [];
135    $bit = 1;
136    foreach ($allStates as $state) {
137        if ($userFlags & $bit) {
138           $userStates[] = $state;
139        }
140        $bit <<= 1;
141    }
142    return $userStates;
143}
144foreach($samples as $sample) {
145    $sampleStates  = explode(",", $sample);
146    $sampleFlags   = states2flags($sampleStates, $states);
147    $reverseStates = flags2states($sampleFlags, $states);
148    $reverseFlags  = states2flags($reverseStates, $states);
149    $textColor = (count(array_diff($sampleStates, $reverseStates)) > 0) ? "red" : "green";
150    echo '<a class="' . $textColor . '">' . $textColor . ' Original Data - <b>' . $sample .
151         ' [' . $sampleFlags . ']</b> - Reverse Data - <b>' .
152         implode(",", flags2states($sampleFlags, $states)) . ' ['.$reverseFlags. ']</b><br>';
153}
154green Original Data - AGGR [1] - Reverse Data - AGGR [1]
155green Original Data - AGGR,BERSERK [129] - Reverse Data - AGGR,BERSERK [129]
156green Original Data - AGGR,BERSERK,DEATHBLOW,REVIVE [3201] - Reverse Data - AGGR,BERSERK,DEATHBLOW,REVIVE [3201]
157green Original Data - AGGR,BERSERK,STONESKIN [385] - Reverse Data - AGGR,BERSERK,STONESKIN [385]
158green Original Data - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409] - Reverse Data - AGGR,BERSERK,STONESKIN,DEATHBLOW [1409]
159green Original Data - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - Reverse Data - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
160green Original Data - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457] - Reverse Data - AGGR,BERSERK,STONESKIN,DEATHBLOW,REVIVE [3457]
161green Original Data - AGGR,DEATHBLOW [1025] - Reverse Data - AGGR,DEATHBLOW [1025]
162green Original Data - AGGR,GODSPEED [513] - Reverse Data - AGGR,GODSPEED [513]
163green Original Data - AGGR,GODSPEED [513] - Reverse Data - AGGR,GODSPEED [513]
164green Original Data - AGGR,NOATTCHUNJO [17] - Reverse Data - AGGR,NOATTCHUNJO [17]
165green Original Data - AGGR,NOATTJINNO [33] - Reverse Data - AGGR,NOATTJINNO [33]
166green Original Data - AGGR,NOATTSHINSU [9] - Reverse Data - AGGR,NOATTSHINSU [9]
167green Original Data - AGGR,NOMOVE [3] - Reverse Data - AGGR,NOMOVE [3]
168green Original Data - AGGR,REVIVE [2049] - Reverse Data - AGGR,REVIVE [2049]
169green Original Data - AGGR,STONESKIN [257] - Reverse Data - AGGR,STONESKIN [257]
170green Original Data - BERSERK [128] - Reverse Data - BERSERK [128]
171green Original Data - BERSERK,STONESKIN [384] - Reverse Data - BERSERK,STONESKIN [384]
172green Original Data - COWARD [4] - Reverse Data - COWARD [4]
173green Original Data - NOMOVE [2] - Reverse Data - NOMOVE [2]
174green Original Data - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667] - Reverse Data - AGGR,NOMOVE,BERSERK,GODSPEED,DEATHBLOW [1667]
175green Original Data - NOMOVE,STONESKIN [258] - Reverse Data - NOMOVE,STONESKIN [258]
176green Original Data - NOMOVE,STONESKIN [258] - Reverse Data - NOMOVE,STONESKIN [258]
177green Original Data - REVIVE [2048] - Reverse Data - REVIVE [2048]
178

Source https://stackoverflow.com/questions/71527385

QUESTION

Translating C# to PowerShell

Asked 2022-Mar-17 at 17:30

I am trying to translate this code from C# to PowerShell

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20

Code this from this webpage under the section "Adding Data Flow Tasks components": https://www.sqlshack.com/biml-alternatives-building-ssis-packages-programmatically-using-manageddts/

The assemblies are:

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20using System;
21using DtsRuntime = Microsoft.SqlServer.Dts.Runtime;
22using DtsWrapper = Microsoft.SqlServer.Dts.Pipeline.Wrapper;
23

See Reverse engineering SSIS package using C#

My problems start at the line with TaskHost thMainPipe = (TaskHost)e; and I get the errors like "Cannot convert ...value of type ...".

Here is the PowerShell code that is working:

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20using System;
21using DtsRuntime = Microsoft.SqlServer.Dts.Runtime;
22using DtsWrapper = Microsoft.SqlServer.Dts.Pipeline.Wrapper;
23 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.ManagedDTS\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.ManagedDTS.dll';
24 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
25 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.PipelineHost\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.PipelineHost.dll';
26 # Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
27
28$App = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Application; 
29$Package = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Package;
30$PackageFullPath = 'C:\test.dtsx';
31# Empty package created. 
32
33$ConnectionString = "Data Source=SomeInstance;Initial Catalog=SomeDB;Integrated Security=SSPI";
34 
35$DatabaseConnectionManager = $Package.Connections.Add("OLEDB");
36$DatabaseConnectionManager.ConnectionString = $ConnectionString;
37$DatabaseConnectionManager.Name = "SomeDB";
38$DatabaseConnectionManager.Description = "Hello";
39
40# Add a Data Flow Task
41$e = $Package.Executables.Add("STOCK:PipelineTask");
42
43  # $App.SaveToXml($PackageFullPath, $Package,$null);
44

Why am I getting a cast error for TaskHost thMainPipe = (TaskHost)e;?

Where I get the error is:

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20using System;
21using DtsRuntime = Microsoft.SqlServer.Dts.Runtime;
22using DtsWrapper = Microsoft.SqlServer.Dts.Pipeline.Wrapper;
23 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.ManagedDTS\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.ManagedDTS.dll';
24 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
25 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.PipelineHost\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.PipelineHost.dll';
26 # Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
27
28$App = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Application; 
29$Package = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Package;
30$PackageFullPath = 'C:\test.dtsx';
31# Empty package created. 
32
33$ConnectionString = "Data Source=SomeInstance;Initial Catalog=SomeDB;Integrated Security=SSPI";
34 
35$DatabaseConnectionManager = $Package.Connections.Add("OLEDB");
36$DatabaseConnectionManager.ConnectionString = $ConnectionString;
37$DatabaseConnectionManager.Name = "SomeDB";
38$DatabaseConnectionManager.Description = "Hello";
39
40# Add a Data Flow Task
41$e = $Package.Executables.Add("STOCK:PipelineTask");
42
43  # $App.SaveToXml($PackageFullPath, $Package,$null);
44# Add a Data Flow Task
45$e = $Package.Executables.Add("STOCK:PipelineTask"); # This works
46# $e | Get-Member
47$thMainPipe = [Microsoft.SqlServer.Dts.Runtime.TaskHost]$e # no error here
48# This line triggers the error:
49$dataFlowTask = [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe]$thMainPipe.InnerObject 
50

The error message is:

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20using System;
21using DtsRuntime = Microsoft.SqlServer.Dts.Runtime;
22using DtsWrapper = Microsoft.SqlServer.Dts.Pipeline.Wrapper;
23 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.ManagedDTS\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.ManagedDTS.dll';
24 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
25 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.PipelineHost\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.PipelineHost.dll';
26 # Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
27
28$App = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Application; 
29$Package = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Package;
30$PackageFullPath = 'C:\test.dtsx';
31# Empty package created. 
32
33$ConnectionString = "Data Source=SomeInstance;Initial Catalog=SomeDB;Integrated Security=SSPI";
34 
35$DatabaseConnectionManager = $Package.Connections.Add("OLEDB");
36$DatabaseConnectionManager.ConnectionString = $ConnectionString;
37$DatabaseConnectionManager.Name = "SomeDB";
38$DatabaseConnectionManager.Description = "Hello";
39
40# Add a Data Flow Task
41$e = $Package.Executables.Add("STOCK:PipelineTask");
42
43  # $App.SaveToXml($PackageFullPath, $Package,$null);
44# Add a Data Flow Task
45$e = $Package.Executables.Add("STOCK:PipelineTask"); # This works
46# $e | Get-Member
47$thMainPipe = [Microsoft.SqlServer.Dts.Runtime.TaskHost]$e # no error here
48# This line triggers the error:
49$dataFlowTask = [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe]$thMainPipe.InnerObject 
50Cannot convert the "System.__ComObject" value of type "System.__ComObject#{b3350f87-4de7-4cb4-a273-d980c9e0b8ad}" to type "Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe".
51At line:1 char:1
52+ $dataFlowTask = [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe]$t ...
53+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
54    + CategoryInfo          : InvalidArgument: (:) [], ParentContainsErrorRecordException
55    + FullyQualifiedErrorId : ConvertToFinalInvalidCastException
56

Also the type of $e is Microsoft.SqlServer.Dts.Runtime.TaskHost. So not sure why I need $thMainPipeat all.

ANSWER

Answered 2022-Mar-17 at 17:30

See also: This follow-up question.

That your cast's operand is a COM object (as evidenced by System.__ComObject being reported as the object type in the error message) may be the source of the problem, because I don't think PowerShell can cast COM objects to other types.

However, given that PowerShell can dynamically discover members on objects, in many cases where C# requires casts, PowerShell doesn't (and casts to interfaces are no-ops in PowerShell, except when guiding method overload resolution). Similarly, there's no (strict) need to type variables.[1]

Thus, as you've confirmed, simply omitting the cast of $thMainPipe.InnerObject to type [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe] worked:

1//Creating a new package
2Application app = new Application();
3Package p = new Package();
4
5//Adding the connection manager
6ConnectionManager DatabaseConnectionManager = p.Connections.Add("OLEDB");
7DatabaseConnectionManager.ConnectionString = @"Data Source=.;Initial Catalog=tempdb;Integrated Security=SSPI;Provider=SQLNCLI11;Auto Translate=false;"; ;
8DatabaseConnectionManager.Name = "ConnectionOLEDB";
9DatabaseConnectionManager.Description = "SSIS Connection Manager for OLEDB";
10    
11//Adding the data flow task
12Executable e = p.Executables.Add("STOCK:PipelineTask");
13TaskHost thMainPipe = (TaskHost)e;
14MainPipe dataFlowTask = (MainPipe)thMainPipe.InnerObject;
15thMainPipe.Name = "Import Person";
16    
17IDTSComponentMetaData100 component = dataFlowTask.ComponentMetaDataCollection.New();
18component.Name = "OLEDBSource";
19component.ComponentClassID = app.PipelineComponentInfos["OLE DB Source"].CreationName;
20using System;
21using DtsRuntime = Microsoft.SqlServer.Dts.Runtime;
22using DtsWrapper = Microsoft.SqlServer.Dts.Pipeline.Wrapper;
23 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.ManagedDTS\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.ManagedDTS.dll';
24 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
25 Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.PipelineHost\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.PipelineHost.dll';
26 # Add-Type -Path 'C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.SqlServer.DTSPipelineWrap\v4.0_15.0.0.0__89845dcd8080cc91\Microsoft.SqlServer.DTSPipelineWrap.dll';
27
28$App = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Application; 
29$Package = New-Object -TypeName Microsoft.SqlServer.Dts.Runtime.Package;
30$PackageFullPath = 'C:\test.dtsx';
31# Empty package created. 
32
33$ConnectionString = "Data Source=SomeInstance;Initial Catalog=SomeDB;Integrated Security=SSPI";
34 
35$DatabaseConnectionManager = $Package.Connections.Add("OLEDB");
36$DatabaseConnectionManager.ConnectionString = $ConnectionString;
37$DatabaseConnectionManager.Name = "SomeDB";
38$DatabaseConnectionManager.Description = "Hello";
39
40# Add a Data Flow Task
41$e = $Package.Executables.Add("STOCK:PipelineTask");
42
43  # $App.SaveToXml($PackageFullPath, $Package,$null);
44# Add a Data Flow Task
45$e = $Package.Executables.Add("STOCK:PipelineTask"); # This works
46# $e | Get-Member
47$thMainPipe = [Microsoft.SqlServer.Dts.Runtime.TaskHost]$e # no error here
48# This line triggers the error:
49$dataFlowTask = [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe]$thMainPipe.InnerObject 
50Cannot convert the "System.__ComObject" value of type "System.__ComObject#{b3350f87-4de7-4cb4-a273-d980c9e0b8ad}" to type "Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe".
51At line:1 char:1
52+ $dataFlowTask = [Microsoft.SqlServer.Dts.Pipeline.Wrapper.MainPipe]$t ...
53+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
54    + CategoryInfo          : InvalidArgument: (:) [], ParentContainsErrorRecordException
55    + FullyQualifiedErrorId : ConvertToFinalInvalidCastException
56$dataFlowTask = $thMainPipe.InnerObject # No cast.
57$component = $dataFlowTask.ComponentMetaDataCollection.New()
58

[1] Typing a variable in PowerShell means to type-constrain it, which means that you're still free to assign a value of any type, as long as PowerShell can automatically convert it to the target type (and PowerShell's automatic type conversions are very flexible); e.g., [int] $num = '42' works fine. Without a type constraint, the type of the value being assigned, which may be of any type, effectively determines its type, but you're free to assign an object of a different type later; e.g. $var = '42' makes $var contain a [string], whereas $var = 42 makes it an [int].

Source https://stackoverflow.com/questions/71488991

QUESTION

How to obfuscate Kotlin properties with R8?

Asked 2022-Mar-07 at 08:58

I have a library on Kotlin I want to obfuscate almost completely but leave the public classes, properties and methods untouched. Here is an example of one of the public classes I intend to obfuscate:

1class SomeClass(val propertyToShow: SomePublicClass, private val propertyToHide: SomeOtherPublicClass) {
2
3    fun methodToShow(someArg: SomeArg) {
4        // Some code
5    }
6
7    private fun methodToHide(someOtherArg: SomeOtherArg) {
8        // Some more code
9    }
10
11}
12

The ProGuard file is based on a typical library ProGuard file and looks like this:

1class SomeClass(val propertyToShow: SomePublicClass, private val propertyToHide: SomeOtherPublicClass) {
2
3    fun methodToShow(someArg: SomeArg) {
4        // Some code
5    }
6
7    private fun methodToHide(someOtherArg: SomeOtherArg) {
8        // Some more code
9    }
10
11}
12-keepattributes SourceFile,LineNumberTable
13
14-renamesourcefileattribute SourceFile
15
16-dontwarn javax.annotation.**
17
18-keepnames class okhttp3.internal.publicsuffix.PublicSuffixDatabase
19
20-dontwarn org.codehaus.mojo.animal_sniffer.*
21-dontwarn okhttp3.internal.platform.ConscryptPlatform
22
23-keepattributes Signature
24
25-keepattributes *Annotation*
26
27-dontwarn sun.misc.**
28-keep class com.google.gson.stream.** { *; }
29
30-keep class * implements com.google.gson.TypeAdapterFactory
31-keep class * implements com.google.gson.JsonSerializer
32-keep class * implements com.google.gson.JsonDeserializer
33
34-keepclassmembers,allowobfuscation class * {
35  @com.google.gson.annotations.SerializedName <fields>;
36}
37
38-keep public class * {
39    public protected *;
40}
41
42-keepclassmembernames class * {
43    java.lang.Class class$(java.lang.String);
44    java.lang.Class class$(java.lang.String, boolean);
45}
46
47-keepclasseswithmembernames class * {
48    native <methods>;
49}
50
51-keeppackagenames **
52-keepattributes Exceptions,InnerClasses,Signature,Deprecated,SourceFile,LineNumberTable,*Annotation*,EnclosingMethod,Synthetic,PermittedSubclasses
53-keepparameternames
54-renamesourcefileattribute SourceFile
55-keepclassmembers class **$WhenMappings {
56    <fields>;
57}
58-keep class kotlin.Metadata { *; }
59
60-keep class kotlin.** { *; }
61-keep class kotlin.Metadata { *; }
62-keep class kotlin.reflect.** { *; }
63-dontwarn kotlin.reflect.**
64-dontwarn kotlin.**
65-keepclassmembers class **$WhenMappings {
66    <fields>;
67}
68-keepclassmembers class kotlin.Metadata {
69    public <methods>;
70}
71-assumenosideeffects class kotlin.jvm.internal.Intrinsics {
72    static void checkParameterIsNotNull(java.lang.Object, java.lang.String);
73}
74
75-keepclassmembers,allowobfuscation class * {
76    @javax.inject.* *;
77    @dagger.* *;
78    <init>();
79}
80
81-keep class javax.inject.** { *; }
82-keep class **$$ModuleAdapter
83-keep class **$$InjectAdapter
84-keep class **$$StaticInjection
85-keep class dagger.** { *; }
86
87-keepclassmembers class * extends java.lang.Enum {
88    public static **[] values();
89    public static ** valueOf(java.lang.String);
90}
91
92-keepclassmembers class * implements java.io.Serializable {
93    static final long serialVersionUID;
94    static final java.io.ObjectStreamField[] serialPersistentFields;
95    private void writeObject(java.io.ObjectOutputStream);
96    private void readObject(java.io.ObjectInputStream);
97    java.lang.Object writeReplace();
98    java.lang.Object readResolve();
99}
100
101

Running ./gradlew assembleRelease results in .aar file. The SomeClass.class from it looks like this (if we take a look at it via Android Studio)

1class SomeClass(val propertyToShow: SomePublicClass, private val propertyToHide: SomeOtherPublicClass) {
2
3    fun methodToShow(someArg: SomeArg) {
4        // Some code
5    }
6
7    private fun methodToHide(someOtherArg: SomeOtherArg) {
8        // Some more code
9    }
10
11}
12-keepattributes SourceFile,LineNumberTable
13
14-renamesourcefileattribute SourceFile
15
16-dontwarn javax.annotation.**
17
18-keepnames class okhttp3.internal.publicsuffix.PublicSuffixDatabase
19
20-dontwarn org.codehaus.mojo.animal_sniffer.*
21-dontwarn okhttp3.internal.platform.ConscryptPlatform
22
23-keepattributes Signature
24
25-keepattributes *Annotation*
26
27-dontwarn sun.misc.**
28-keep class com.google.gson.stream.** { *; }
29
30-keep class * implements com.google.gson.TypeAdapterFactory
31-keep class * implements com.google.gson.JsonSerializer
32-keep class * implements com.google.gson.JsonDeserializer
33
34-keepclassmembers,allowobfuscation class * {
35  @com.google.gson.annotations.SerializedName <fields>;
36}
37
38-keep public class * {
39    public protected *;
40}
41
42-keepclassmembernames class * {
43    java.lang.Class class$(java.lang.String);
44    java.lang.Class class$(java.lang.String, boolean);
45}
46
47-keepclasseswithmembernames class * {
48    native <methods>;
49}
50
51-keeppackagenames **
52-keepattributes Exceptions,InnerClasses,Signature,Deprecated,SourceFile,LineNumberTable,*Annotation*,EnclosingMethod,Synthetic,PermittedSubclasses
53-keepparameternames
54-renamesourcefileattribute SourceFile
55-keepclassmembers class **$WhenMappings {
56    <fields>;
57}
58-keep class kotlin.Metadata { *; }
59
60-keep class kotlin.** { *; }
61-keep class kotlin.Metadata { *; }
62-keep class kotlin.reflect.** { *; }
63-dontwarn kotlin.reflect.**
64-dontwarn kotlin.**
65-keepclassmembers class **$WhenMappings {
66    <fields>;
67}
68-keepclassmembers class kotlin.Metadata {
69    public <methods>;
70}
71-assumenosideeffects class kotlin.jvm.internal.Intrinsics {
72    static void checkParameterIsNotNull(java.lang.Object, java.lang.String);
73}
74
75-keepclassmembers,allowobfuscation class * {
76    @javax.inject.* *;
77    @dagger.* *;
78    <init>();
79}
80
81-keep class javax.inject.** { *; }
82-keep class **$$ModuleAdapter
83-keep class **$$InjectAdapter
84-keep class **$$StaticInjection
85-keep class dagger.** { *; }
86
87-keepclassmembers class * extends java.lang.Enum {
88    public static **[] values();
89    public static ** valueOf(java.lang.String);
90}
91
92-keepclassmembers class * implements java.io.Serializable {
93    static final long serialVersionUID;
94    static final java.io.ObjectStreamField[] serialPersistentFields;
95    private void writeObject(java.io.ObjectOutputStream);
96    private void readObject(java.io.ObjectInputStream);
97    java.lang.Object writeReplace();
98    java.lang.Object readResolve();
99}
100
101public final class SomeClass public constructor(propertyToShow: SomePublicClass, propertyToHide: SomeOtherPublicClass) {
102    
103    public final val propertyToShow: SomePublicClass /* compiled code */
104
105    private final val propertyToHide: SomeOtherPublicClass /* compiled code */
106
107    public final fun methodToShow(someArg: SomeArg): kotlin.Unit { /* compiled code */ }
108
109    private final fun a(someOtherArg: SomeOtherArg): kotlin.Unit { /* compiled code */ }
110    
111}
112

As we can see, the name of the private method has been obfuscated but its argument is not as well as the private property. It doesnโ€™t matter if we obfuscate it with ProGuard or R8, the result is the same.

Is it possible to obfuscate private properties and private methods' arguments for Kotlin source code? Or is it pointless, since it will not interfere with others doing reverse engineering?

ANSWER

Answered 2022-Mar-07 at 08:58

So the answer to this question was more or less explained in this article. Basically the issue was that the code was indeed obfuscated properly but there was still Kotlin Metadata and Android Studio was reconstructing the code based on this Metadata.

Source https://stackoverflow.com/questions/71069091

QUESTION

How to download a file using Python requests, when that file is being served with redirect?

Asked 2022-Feb-22 at 01:50

I'm trying to download a book from Fadedpage, like this one. If you click on the link to the HTML file there, it will display the HTML file. The URL appears to be https://www.fadedpage.com/books/20170817/html.php. But if you try to download that URL by any of the usual means, you only get the metadata HTML, not the HTML with the full text of the book. For instance, running wget https://www.fadedpage.com/books/20170817/html.php from the command line does return HTML, but it's again the metadata HTML file from https://www.fadedpage.com/showbook.php?pid=20170817, not the full text of the book.

Here's what I've tried so far:

1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18

I'm trying to give it the same headers that my web browser is giving it, in the hopes that it'll return the same thing. But it's not working.

Is there something else I need to do to be able to download this HTML file? Since it's served by PHP on the server side, I'm having a hard time reverse engineering this.

For reference, the full HTML file contains the text "The First Part of this book is intended for pupils so far advanced as to be able to distinguish the Parts of Speech." But that text is not contained in the metadata HTML file.

Testing

Here's another way of testing this:

1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18def isValidDownload(bookID, fileType="html"): 
19    """
20    A download of `downloadFile("20170817", "html")` should produce
21    a file 20170817.html which contains the text "It was a woodland 
22    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
23    the full text file. 
24    """
25    with open(f"{bookID}.{fileType}") as f: 
26        raw = f.read()
27    test = "woodland slope behind St. Pierre-les-Bains"
28    return test in raw
29

This should return True:

1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18def isValidDownload(bookID, fileType="html"): 
19    """
20    A download of `downloadFile("20170817", "html")` should produce
21    a file 20170817.html which contains the text "It was a woodland 
22    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
23    the full text file. 
24    """
25    with open(f"{bookID}.{fileType}") as f: 
26        raw = f.read()
27    test = "woodland slope behind St. Pierre-les-Bains"
28    return test in raw
29downloadFile("20170817", "html")
30isValidDownload("20170817", "html")
31
1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18def isValidDownload(bookID, fileType="html"): 
19    """
20    A download of `downloadFile("20170817", "html")` should produce
21    a file 20170817.html which contains the text "It was a woodland 
22    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
23    the full text file. 
24    """
25    with open(f"{bookID}.{fileType}") as f: 
26        raw = f.read()
27    test = "woodland slope behind St. Pierre-les-Bains"
28    return test in raw
29downloadFile("20170817", "html")
30isValidDownload("20170817", "html")
31False
32
Another attempt

A simpler version, based on the answer below, also doesn't work. Here it is all together:

1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18def isValidDownload(bookID, fileType="html"): 
19    """
20    A download of `downloadFile("20170817", "html")` should produce
21    a file 20170817.html which contains the text "It was a woodland 
22    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
23    the full text file. 
24    """
25    with open(f"{bookID}.{fileType}") as f: 
26        raw = f.read()
27    test = "woodland slope behind St. Pierre-les-Bains"
28    return test in raw
29downloadFile("20170817", "html")
30isValidDownload("20170817", "html")
31False
32def downloadFile(bookID, fileType): 
33    headers = {"cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"}
34    url = f"https://www.fadedpage.com/link.php?file={bookID}.{fileType}"
35    print("Getting ", url)
36    with requests.get(url, headers = headers) as resp:
37        with open(f"{bookID}.{fileType}", 'wb') as f:
38            f.write(resp.content)
39
40def isValidDownload(bookID, fileType="html"): 
41    """
42    A download of `downloadFile("20170817", "html")` should produce
43    a file 20170817.html which contains the text "It was a woodland 
44    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
45    the full text file. 
46    """
47    with open(f"{bookID}.{fileType}") as f: 
48        raw = f.read()
49    test = "woodland slope behind St. Pierre-les-Bains"
50    return test in raw
51
52downloadFile("20170817", "html")
53isValidDownload("20170817", "html")
54

That returns False.

ANSWER

Answered 2022-Feb-22 at 01:50
  1. Pass cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"} instead of headers={"cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"}.
    This is because the requests library does headers.pop('Cookie', None) upon redirect.
  2. Retry if resp.url is not f"https://www.fadedpage.com/books/{bookID}/{fileType}.php".
    This is because the server first redirects link.php with a different bookID to showbook.php.
  3. A download of downloadFile("20170817", "html") contains the text "The First Part of this book is intended for pupils", not "woodland slope behind St. Pierre-les-Bains" that is contained in a download of downloadFile("20130603", "html").
1def downloadFile(bookID, fileType="html"): 
2    url = f"https://www.fadedpage.com/books/{bookID}/{fileType}.php"
3    #url = f'https://www.fadedpage.com/link.php?file={bookID}.{fileType}'
4    headers = {"Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 
5               "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) QtWebEngine/5.15.3 Chrome/87.0.4280.144 Safari/537.36",
6               "referer": "https://www.fadedpage.com/showbook.php?pid={bookID}",
7               "sec-fetch-dest": "document",
8                "sec-fetch-mode": "navigate",
9                "sec-fetch-site": "same-origin",
10                "sec-fetch-user": "?1",
11                "upgrade-insecure-requests": "1",
12                "cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"
13              }
14    print("Getting ", url)
15    resp = requests.get(url, headers=headers, cookies={"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"})
16    if resp.ok: 
17        return resp.text
18def isValidDownload(bookID, fileType="html"): 
19    """
20    A download of `downloadFile("20170817", "html")` should produce
21    a file 20170817.html which contains the text "It was a woodland 
22    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
23    the full text file. 
24    """
25    with open(f"{bookID}.{fileType}") as f: 
26        raw = f.read()
27    test = "woodland slope behind St. Pierre-les-Bains"
28    return test in raw
29downloadFile("20170817", "html")
30isValidDownload("20170817", "html")
31False
32def downloadFile(bookID, fileType): 
33    headers = {"cookie": "PHPSESSID=3r7ql7poiparp92ia7ltv8nai5"}
34    url = f"https://www.fadedpage.com/link.php?file={bookID}.{fileType}"
35    print("Getting ", url)
36    with requests.get(url, headers = headers) as resp:
37        with open(f"{bookID}.{fileType}", 'wb') as f:
38            f.write(resp.content)
39
40def isValidDownload(bookID, fileType="html"): 
41    """
42    A download of `downloadFile("20170817", "html")` should produce
43    a file 20170817.html which contains the text "It was a woodland 
44    slope behind St. Pierre-les-Bains". If it doesn't, it isn't getting 
45    the full text file. 
46    """
47    with open(f"{bookID}.{fileType}") as f: 
48        raw = f.read()
49    test = "woodland slope behind St. Pierre-les-Bains"
50    return test in raw
51
52downloadFile("20170817", "html")
53isValidDownload("20170817", "html")
54def downloadFile(bookID, fileType, retry=1):
55    cookies = {"PHPSESSID": "3r7ql7poiparp92ia7ltv8nai5"}
56    url = f"https://www.fadedpage.com/link.php?file={bookID}.{fileType}"
57    print("Getting ", url)
58    with requests.get(url, cookies=cookies) as resp:
59        if resp.url != f"https://www.fadedpage.com/books/{bookID}/{fileType}.php":
60            if retry:
61                return downloadFile(bookID, fileType, retry=retry-1)
62            else:
63                raise Exception
64        with open(f"{bookID}.{fileType}", 'wb') as f:
65            f.write(resp.content)
66
67def isValidDownload(bookID, fileType="html"):
68    """
69    A download of `downloadFile("20170817", "html")` should produce
70    a file 20170817.html which contains the text "The First Part of
71    this book is intended for pupils". If it doesn't, it isn't getting
72    the full text file.
73    """
74    with open(f"{bookID}.{fileType}") as f:
75        raw = f.read()
76    test = ""
77    if bookID == "20130603":
78        test = "woodland slope behind St. Pierre-les-Bains"
79    if bookID == "20170817":
80        test = "The First Part of this book is intended for pupils"
81    return test in raw
82

Source https://stackoverflow.com/questions/71166358

QUESTION

Time-dependent, repeatable pseudo-random number

Asked 2022-Feb-11 at 16:06

I need to generate a repeatable pseudo-random number that is dependent on the current time and a server secret. For example, this mechanism should generate a new pseudo-random number every minute. The next minute's random number should not be easily predictable.

Furthermore, I need to solve this in a stateless fashion (e.g., without storing a generated value in a database). It is possible that a server node might be asked to create such a number multiple times within the same minute, and it needs to generate the same number each time. Also, multiple server nodes (with the same server secret) need to generate the same number within a given time frame. The purpose of all this is not related to solving a security problem (e.g. a token generator), so it's not strictly necessary to use cryptographically secure PRNGs.

Linear-congruential PRNGs produce repeatable series of numbers when initialized with the same seed, so I could seed the PRNG with the combination of time and server secret and get the first random number it produces to meet my criteria. However, this type of PRNG typically uses a simple formula of next = (current * multiplier + offset) & mask, and, given a few known times and corresponding random numbers, it seems like it would be not all that hard to figure out the server secret (and then predict all future numbers in advance).

To make this sort of reverse engineering harder, I pull and discard a fixed number (e.g., 1000) of values from the freshly seeded PRNG before I get the "real" random number that I use. My thinking is that reverse-engineering 1000 cycles of next = (current * multiplier + offset) & mask would be significantly more difficult that reverse-engineering just a single cycle.

I am wondering if my thinking here is even correct. Is it true that figuring out a linear-congruential PRNG's seed is more difficult based on the 1000th value after seeding than it is for the first value of a freshly seeded generator? If so, how many iterations are sufficient before it stops increasing the difficulty?

If I'm completely off here, what are some better alternatives that fulfill the above stated criteria (repeatability, statelessness)?

ANSWER

Answered 2022-Feb-11 at 16:06

In a way, this is how Time-based one-time passwords (TOTPs) work, so you can use a similar solution.

To get a time value that changes every N seconds, you can use the following formula.

floor(timestamp / N)

Then, you can either turn that into a string or interpret it as bytes. Just pass it to something like HMAC in order to turn it into a pseudo-random value.

HMAC(SecretKey, floor(timestamp / N))

Here's a simple implementation in Python. This should be fairly similar in other languages too.

1import hmac
2import time
3
4# Duration that each value lasts, in seconds
5duration = 60
6
7# Generate randomly instead of using a phrase
8secret_key = b"very epic secret key"
9
10timestamp = int(time.time())
11timestamp = int(timestamp / duration)
12timestamp = timestamp.to_bytes(8, "big")
13
14value = hmac.digest(secret_key, timestamp, "sha256")
15print(value.hex())
16

You can also turn the value into an integer, or use it in other ways.

1import hmac
2import time
3
4# Duration that each value lasts, in seconds
5duration = 60
6
7# Generate randomly instead of using a phrase
8secret_key = b"very epic secret key"
9
10timestamp = int(time.time())
11timestamp = int(timestamp / duration)
12timestamp = timestamp.to_bytes(8, "big")
13
14value = hmac.digest(secret_key, timestamp, "sha256")
15print(value.hex())
16value_int = int.from_bytes(value, "big")
17

Source https://stackoverflow.com/questions/71013693

QUESTION

Selecting random radio button using JavaScript

Asked 2022-Jan-25 at 19:59

Objective

I'm using Alchemer (formerly SurveyGizmo) to create a survey. To properly route my participants I need to create a hidden question with radio buttons (single choice) in combination with a JavaScript action that selects one of the radio buttons randomly. The JavaScript should execute automatically when the page was loaded.

What I did

I searched stackoverflow and the internet, found a couple JSFiddles that did similar things, tried reverse engineering a solution for me, but it wont work.

I have zero education regarding programming languages, just going with the little that I think I understand from looking at other peoples work.

Using "Inspect Element", I see that my radio buttons all have the class 'sg-input sg-input-radio", so I try collecting them using getElementsByClassName, not even sure if this is the way to approach this.

Here is what I got so far

1$(document).ready(function(){
2    var array = document.getElementsByClassName('sg-input sg-input-radio');
3    var winnerButton;
4    var numberOfButtons = array.length;
5
6  
7  function SelectRadio() {
8    
9    var randomNumber = Math.floor(Math.random() * numberOfButtons);
10    
11    winnerButton = array[randomNumber];
12    
13    winnerButton.checked = true;
14   
15    }
16  
17SelectRadio();
18  
19}
20

When the page loads, no radio button is selected.

I somehow feel like I'm close to having it work, but I need someone who knows what they're doing.

Cheers and thank you for taking the time!

ANSWER

Answered 2022-Jan-25 at 19:57

I think the getElementsByClassName may have problems with multiple classes. So I used querySelectorAll and it works.

Maybe it was a c+p error, but in your example code a ); was missing.

1$(document).ready(function(){
2    var array = document.getElementsByClassName('sg-input sg-input-radio');
3    var winnerButton;
4    var numberOfButtons = array.length;
5
6  
7  function SelectRadio() {
8    
9    var randomNumber = Math.floor(Math.random() * numberOfButtons);
10    
11    winnerButton = array[randomNumber];
12    
13    winnerButton.checked = true;
14   
15    }
16  
17SelectRadio();
18  
19}
20$(document).ready(function(){
21    var array = document.querySelectorAll('.sg-input.sg-input-radio');
22    var winnerButton;
23    var numberOfButtons = array.length;
24
25  
26  function SelectRadio() {
27    var randomNumber = Math.floor(Math.random() * numberOfButtons);
28    
29    winnerButton = array[randomNumber];
30    
31    winnerButton.checked = true;
32   
33    }
34  
35    SelectRadio();
36   
37});
38

Source https://stackoverflow.com/questions/70854641

QUESTION

How to securely store a hardcoded API key on Android?

Asked 2022-Jan-03 at 11:06

In my Android project, I want to store an API key in a secured manner. That key is generated from outside the app and need to be stored somehow in the app before building the app.

I've seen some examples of how to use the KeyStore (like this or this), but as far as I understand, those are solutions to store secret keys generated during runtime, and not keys that I would store somewhere in my code.

I've also checked the other methods explained here, but they look like the API key could quite easily be retrieved thanks to reverse engineering.

I also don't want to store my key in my code, also because it could easily be retrieved via reverse engineering.

The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

I'm far from being a security expert, so any help would be appreciated.

Thanks.

ANSWER

Answered 2022-Jan-03 at 11:06
YOUR CHALLENGE

The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

This is a very hard task to achieve, but not impossible one and here is where one needs to make a deep dive in mobile API security and understand the mechanics behind it.

It's fundamental to have a clear understand between the difference of who is in the API request versus what is making that API request, otherwise any security solution you may devise/use may not have the intended results.

The Difference Between WHO and WHAT is Accessing the API Server

I wrote a series of articles around API and Mobile security, and in the article Why Does Your Mobile App Need An Api Key? you can read in detail the difference between who and what is accessing your API server, but I will extract here the main takes from it:

The what is the thing making the request to the API server. Is it really a genuine instance of your mobile app, or is it a bot, an automated script or an attacker manually poking around your API server with a tool like Postman?

The who is the user of the mobile app that we can authenticate, authorize and identify in several ways, like using OpenID Connect or OAUTH2 flows.

So, you need to think about the who as the user your API server will be able to Authenticate and Authorize access to the data, and you need to think about the what as the software making that request in behalf of the user.

REVERSE ENGINEERING

I also don't want to store my key in my code, also because it could easily be retrieved via reverse engineering.

That's very true, it's more or less easily achieved depending on the method used to hide the API key, as per the ones you mention:

I've also checked the other methods explained here, but they look like the API key could quite easily be retrieved thanks to reverse engineering.

No matter how secure the API key has been stored, be it in the Android Keystore, encrypted, obfuscated, etc, at some point the API key will need to be in plain text to be sent on the API request header, and in this moment it will be vulnerable to be extracted via static reverse engineering, via a MitM attack or via an instrumentation framework

I have wrote the article How to Extract an API key from a Mobile App with Static Binary Analysis to illustrate how easy it can be done:

The range of open source tools available for reverse engineering is huge, and we really can't scratch the surface of this topic in this article, but instead we will focus in using the Mobile Security Framework(MobSF) to demonstrate how to reverse engineer the APK of our mobile app. MobSF is a collection of open source tools that present their results in an attractive dashboard, but the same tools used under the hood within MobSF and elsewhere can be used individually to achieve the same results.

During this article we will use the Android Hide Secrets research repository that is a dummy mobile app with API keys hidden using several different techniques.

I also wrote another article to achieve it during runtime, Steal that Api Key with a Man in the Middle Attack:

In order to help to demonstrate how to steal an API key, I have built and released in Github the Currency Converter Demo app for Android, which uses the same JNI/NDK technique we used in the earlier Android Hide Secrets app to hide the API key.

So, in this article you will learn how to setup and run a MitM attack to intercept https traffic in a mobile device under your control, so that you can steal the API key. Finally, you will see at a high level how MitM attacks can be mitigated.

An instrumentation framework can also be used during runtime to hook into the code that uses the API key in order to extract it. For example with the popular Frida framework:

Inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts.

So, no matter what it's done to secure the API key, once it's on the API request will be vulnerable to be extracted.

MOBILE API SECURITY

Anything that runs on the client side and needs some secret to access an API can be abused in different ways and you can learn more on this series of articles about Mobile API Security Techniques. This articles will teach you how API Keys, User Access Tokens, HMAC and TLS Pinning can be used to protect the API and how they can be bypassed.

POSSIBLE SOLUTIONS

I recommend you to read this answer I gave to the question How to secure an API REST for mobile app?, especially the sections Hardening and Shielding the Mobile App, Securing the API Server and A Possible Better Solution.

The possible best solution for your problem is known by Mobile App Attestation, that will let your backend know that what is making the request is indeed a genuine and untampered version of your mobile app, as you wish to achieve:

The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

Do You Want To Go The Extra Mile?

In any response to a security question I always like to reference the excellent work from the OWASP foundation.

For APIS

OWASP API Security Top 10

The OWASP API Security Project seeks to provide value to software developers and security assessors by underscoring the potential risks in insecure APIs, and illustrating how these risks may be mitigated. In order to facilitate this goal, the OWASP API Security Project will create and maintain a Top 10 API Security Risks document, as well as a documentation portal for best practices when creating or assessing APIs.

For Mobile Apps

OWASP Mobile Security Project - Top 10 risks

The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications. Through the project, our goal is to classify mobile security risks and provide developmental controls to reduce their impact or likelihood of exploitation.

OWASP - Mobile Security Testing Guide:

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

Source https://stackoverflow.com/questions/68685462

QUESTION

Reverse engineering .proto files from pb2.py generated with protoc

Asked 2021-Dec-26 at 13:00

Is it possible to get proto files from generated pb2.py with protoc? Will be the same reverse engineering possible for gRPC?

ANSWER

Answered 2021-Dec-25 at 16:37

It is possible but I'm unaware of any tools that do this.

Protocol Buffers (protos) including gRPC service definitions are compiled by protoc into language-specific sources. You're looking for a decompiler.

We know that the process is invertible because it works; we're able to send messages using generated sources -- even across languages -- to peers.

Source https://stackoverflow.com/questions/70479912

QUESTION

Flutter is it meaningless to upload debug symbols on obfuscating?

Asked 2021-Dec-18 at 00:20

I have uploaded a flutter obfuscating bundle to the play store. I have got the following warning:

This App Bundle contains native code, and you've not uploaded debug symbols. We recommend that you upload a symbol file to make your crashes and ANRs easier to analyse and debug.

Isn't it meaningless to obfuscate your app and then add debug symbols?

The idea behind obfuscating is difficult reverse engineering by making the code unreadable. Does giving a debug symbols file the same as giving a decrypt obfuscating map?

ANSWER

Answered 2021-Dec-18 at 00:20

Obfuscation is all about renaming your human-readable classes and functions into something meaningless to a human. Machines don't care about names but people trying to reverse engineer your code would have a much harder time.

On the other hand, when your app crashes, the Google Play Developer Console would log this crash for you to inspect and debug. But as the final user has an obfuscated version of your app, the report sent to you is written with meaningless names and you cannot debug it.

Now, the debug symbols map are used internally by the Play Console to resymbolize the crash report into human readable class names so you can debug it easily.

TLDR: Upload the debug symbols. They allow you (the developer) to debug ofuscated crash reports and are only available (indirectly) to you, not people trying to reverse engineer your app

Source https://stackoverflow.com/questions/69872631

Community Discussions contain sources that include Stack Exchange Network

Tutorials and Learning Resources in Reverse Engineering

Tutorials and Learning Resources are not available at this moment for Reverse Engineering

Share this Page

share link

Get latest updates on Reverse Engineering