{"id":13759501,"url":"https://github.com/Decurity/abi-decompiler","last_synced_at":"2025-05-10T09:32:42.210Z","repository":{"id":38826708,"uuid":"138786934","full_name":"Decurity/abi-decompiler","owner":"Decurity","description":"Ethereum (EVM) smart contracts reverse engineering helper utility","archived":false,"fork":false,"pushed_at":"2022-06-15T19:48:27.000Z","size":883,"stargazers_count":215,"open_issues_count":1,"forks_count":33,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-05-18T20:40:58.706Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://decurity.io","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Decurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-06-26T20:02:04.000Z","updated_at":"2024-05-02T16:47:59.000Z","dependencies_parsed_at":"2022-09-04T12:01:22.999Z","dependency_job_id":null,"html_url":"https://github.com/Decurity/abi-decompiler","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Decurity%2Fabi-decompiler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Decurity%2Fabi-decompiler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Decurity%2Fabi-decompiler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Decurity%2Fabi-decompiler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Decurity","download_url":"https://codeload.github.com/Decurity/abi-decompiler/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224940998,"owners_count":17395804,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T13:00:54.194Z","updated_at":"2024-11-16T16:30:58.294Z","avatar_url":"https://github.com/Decurity.png","language":"C","funding_links":[],"categories":["dApps directory","\u003ca name=\"tools\"\u003e\u003c/a\u003e Tools"],"sub_categories":["Decompilers","\u003ca name=\"forensics\"\u003e Forensics"],"readme":"## Description\r\nThe purpose of abi-decompiler is to implement a simple tools to recover ABI of EVM smart contracts, including function names.\r\n\r\nThis side project is not yet a full Solidity decompiler, but it may be used as a helper tool during smart contract reverse engineering and security assessment.\r\n\r\nThe tool is written in Python2 and is equipped with several wordlists for function signature brute force.\r\nWordlists are compiled from real smart contracts and top 100k english words.\r\nAlso a signature database was imported from https://github.com/trailofbits/ethersplay.\r\n\r\n## UPDATE 06/2022\r\nThe old Python version is very slow and buggy. Please see the limited C++ version that is only capable of multi-threaded signature brute force.\r\n\r\n### Compilation\r\n\r\n```\r\nclang++ -O3 -std=c++11 -pthread sha3.c sig-bruteforcer.cpp -o sig-bruteforcer\r\n```\r\n\r\n### Usage\r\nArguments:\r\n```\r\n./sig-bruteforcer \u003cHex-encoded function selector\u003e \u003cPath to the function names\u003e \u003cNum of threads\u003e \u003cMax num of function arguments\u003e\r\n```\r\n\r\nExample:\r\n```\r\n % ./sig-bruteforcer 2e1a7d4d solnames.txt 4 5\r\nStarted thread from: 0\r\nStarted thread from: 432\r\nStarted thread from: 864\r\nStarted thread from: 1296\r\nFOUND =\u003e withdraw(uint256)\r\n```\r\n\r\n### TODO\r\nImplement a generalized brute force for different data types and sizes and the arrays.\r\n\r\n\r\n## [DEPRECATED] Usage\r\n\r\nArguments:\r\n```\r\n$ python abi-decompiler.py \r\nUsage: abi-decompiler.py [options]\r\n\r\nOptions:\r\n  -h, --help            show this help message and exit\r\n  -w DICT, --wordlist=DICT\r\n                        input file function names list\r\n  -f FILE, --file=FILE  file containing EVM bytecode\r\n  -e EXHAUST, --exhaustive=EXHAUST\r\n                        try only common types or all (0 / 1)\r\n  -a ARGS, --args=ARGS  maximum number of function args\r\n  -d DISASM, --disasm=DISASM\r\n                        Only disassembly the bytecode (0 / 1)\r\n  -v VERBOSE, --verbose=VERBOSE\r\n                        Verbosity (0 - 2)\r\n```\r\n\r\nExample run:\r\n```\r\n$ python abi-decompiler.py -f /root/blockchain/contract.bin -w ./solnames1.txt\r\nINFO:root:Starting to disassembly\r\nDEBUG:root:Found function 28657aa5 at offset 103\r\nDEBUG:root:Found function 2e1a7d4d at offset 146\r\nDEBUG:root:Found function a5c12f79 at offset 191\r\nDEBUG:root:Found function d87aa643 at offset 265\r\nWARNING:root:Found functions: 28657aa5, 2e1a7d4d, a5c12f79, d87aa643\r\nINFO:root:Now processing function 28657aa5\r\nDEBUG:root:Processed 0 names\r\nINFO:root:Now processing function 2e1a7d4d\r\nDEBUG:root:Processed 0 names\r\nWARNING:root:FOUND function 2e1a7d4d prototype: withdraw(uint256)\r\nINFO:root:Now processing function a5c12f79\r\nDEBUG:root:Processed 0 names\r\nINFO:root:Now processing function d87aa643\r\nDEBUG:root:Processed 0 names\r\nWARNING:root:FOUND function d87aa643 prototype: invest(uint256,uint256)\r\n==================================================\r\nGENERATED ABI:\r\n[{'constant': False,\r\n  'inputs': [{'name': 'param1', 'type': 'uint256'},\r\n             {'name': 'param2', 'type': 'uint256'}],\r\n  'name': 'invest',\r\n  'outputs': [],\r\n  'payable': False,\r\n  'stateMutability': 'nonpayable',\r\n  'type': 'function'},\r\n {'constant': False,\r\n  'inputs': [{'name': 'param1', 'type': 'uint256'}],\r\n  'name': 'withdraw',\r\n  'outputs': [],\r\n  'payable': False,\r\n  'stateMutability': 'nonpayable',\r\n  'type': 'function'},\r\n {'constant': False,\r\n  'inputs': [],\r\n  'name': 'function_a5c12f79',\r\n  'outputs': [],\r\n  'payable': True,\r\n  'stateMutability': 'payable',\r\n  'type': 'function'},\r\n {'constant': False,\r\n  'inputs': [],\r\n  'name': 'function_28657aa5',\r\n  'outputs': [],\r\n  'payable': True,\r\n  'stateMutability': 'payable',\r\n  'type': 'function'}]\r\n==================================================\r\nGENERATED INTERFACE:\r\ncontract DecompiledContract {\r\n\r\n    function invest(uint256 param1, uint256 param2) {}\r\n\r\n    function withdraw(uint256 param1) {}\r\n\r\n    function function_a5c12f79() payable {}\r\n\r\n    function function_28657aa5() payable {}\r\n\r\n}\r\n```\r\n\r\nDisassembly:\r\n```\r\n$ python abi-decompiler.py -f /root/blockchain/contract.bin -w ./solnames1.txt -d 1 | more\r\n0x00000000\t60...\tPUSH1\t0x80\r\n0x00000002\t60...\tPUSH1\t0x40\r\n0x00000004\t52\tMSTORE\r\n0x00000005\t60...\tPUSH1\t0x40\r\n0x00000007\t51\tMLOAD\r\n0x00000008\t60...\tPUSH1\t0x40\r\n0x0000000A\t80\tDUP1\r\n0x0000000B\t61...\tPUSH2\t0x9407\r\n0x0000000E\t83\tDUP4\r\n0x0000000F\t39\tCODECOPY\r\n0x00000010\t81\tDUP2\r\n0x00000011\t1\tADD\r\n0x00000012\t80\tDUP1\r\n0x00000013\t60...\tPUSH1\t0x40\r\n0x00000015\t52\tMSTORE\r\n0x00000016\t81\tDUP2\r\n0x00000017\t1\tADD\r\n0x00000018\t90\tSWAP1\r\n. . .\r\n```\r\n\r\n## Known bugs\r\n\r\nThis tool was meant to keep very simple, that's why there's no fancy clever mathematical analysis, symbolic execution.\r\n\r\nThis means that this dirty tool lacks some features and cannot accurately calculate some features (types of return value, payable modifier).\r\n\r\nI will try to solve this challenge and make it work without huge dependencies =)\r\n\r\n## TODO\r\n\r\n- Fix wrong payable modifier calculation\r\n- Implement return value detection\r\n- Add inline assembly to the interface to generate ready-to-use source code for debugging \r\n- Add stack details to disassembly","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDecurity%2Fabi-decompiler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FDecurity%2Fabi-decompiler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDecurity%2Fabi-decompiler/lists"}