De-obfuscating a script

De-obfuscating code is not as hard as it seems. Although some manual effort may be involved, creating an application that bypasses Luraph and Synapse Xen would be easy, as they use hex and other methods to bypass other de-obfuscating methods.

Example of this:

De-obfuscating code has a lot of steps, but here are some:

  1. Analyze the code you have and see what methods they're using.
    If they're using methods such as loadstring or getfenv, simply print the basic obfuscation.
  2. Look at the guts of the code. Is it Synapse Xen or Luraph? Is this advanced or not?
    If this is advanced and you still didn't get around it, use a Hex Decoder.
  3. After all this is done, is the code readable? Usually they use Lua minifiers to make it even harder. Did they use one?
    If they used one, simply re-organize the code.
  4. Is the code readable? Did you do it all correctly?
    Obviously at this final step, the code won't be 1000% de-obfuscated; it'll still have basic obfuscation methods. It took me around 20 minutes to create this method, which on average takes 10-40 minutes, depending on the obfuscation level, to de-obfuscate an advanced obfuscator.

HexDecoder, Luraph and Synapse Xen’s enemy.

Once those steps are followed, and you've successfully decoded Luraph and/or Synapse Xen with a Hex Decoder (or the site I've linked, which is very, very good and simple to use; it is literally these large exploit creators' enemy). Also, if you noticed, you have to analyze the code as said in step one, and see the level of de-obfuscation you have to take into consideration.

Example:

Good luck!

7 Likes
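Steps 1 and 2 above, sketched as a small static triage script. This is an added example, not part of the original post and not code from any obfuscator or decoder site. It covers only the string-escape layer (`\xHH`, `\ddd`, `\u{...}`); the function names and the sample script are constructed for illustration.

```python
import re

# Escape forms string-encoding obfuscators leave in Lua literals:
# \\ (kept as-is), \xHH, \u{XXXX}, and \ddd (one to three decimal digits).
ESCAPE = re.compile(r"\\\\|\\x([0-9A-Fa-f]{2})|\\u\{([0-9A-Fa-f]+)\}|\\(\d{1,3})")
# Single- or double-quoted literal on one line. Long strings ([[...]]) and
# comments are not parsed; this is a triage aid, not a Lua lexer.
STRING = re.compile(r'"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'')
# The two functions the post says to look for first.
DYNAMIC = re.compile(r"\b(loadstring|getfenv)\b")


def _decode_escape(m):
    hex_, uni, dec = m.groups()
    if hex_ is not None:
        code = int(hex_, 16)
    elif uni is not None:
        code = int(uni, 16)
    elif dec is not None:
        code = int(dec)
    else:
        return m.group(0)  # escaped backslash: leave untouched
    # Only substitute printable ASCII that cannot break the literal.
    if 32 <= code <= 126 and chr(code) not in "\"'\\":
        return chr(code)
    return m.group(0)


def decode_literals(source):
    """Rewrite escapes inside string literals; code outside them is unchanged."""
    return STRING.sub(lambda m: ESCAPE.sub(_decode_escape, m.group(0)), source)


def find_dynamic_calls(source):
    """Return (line number, name) for each loadstring/getfenv reference."""
    return [(n, m.group(1))
            for n, line in enumerate(source.splitlines(), 1)
            for m in DYNAMIC.finditer(line)]


# Constructed sample, not taken from any real obfuscator's output.
SAMPLE = r'''local f = getfenv()["\108\111\97\100\115\116\114\105\110\103"]
local msg = "\x48\x65\x6c\x6c\x6f\x2c\x20\x77\x6f\x72\x6c\x64"
print(msg, "tab\x09kept", "quote\x22kept")'''

if __name__ == "__main__":
    decoded = decode_literals(SAMPLE)
    print(decoded)
    print(find_dynamic_calls(decoded))
```

Running the scan again after decoding matters: in the sample, `loadstring` is only visible once the decimal escapes are rewritten.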