Exetools

de4dot - Deobfuscator for .NET (https://forum.exetools.com/showthread.php?t=13951)

0xd4d 07-24-2015 05:24

That's a warning from the renamer, so try --dont-rename or just ignore the warning msg. Maybe it's still runnable?

Storm Shadow 07-24-2015 05:26

Ain't it possible to get a verbose output of the error?

speedboy 09-02-2015 10:59

Command: de4dot.exe -f "D:\xxks\EXAMTEACHER.exe" -o "D:\xxks\EXAMTEACHER_de4dot.exe"
Output:

de4dot v3.1.41592.3405 Copyright (C) 2011-2014 de4dot@gmail.com
Latest version and source code: https://github.com/0xd4d/de4dot
21 deobfuscator modules loaded!

Detected Dotfuscator 12345:1:2:4.2.5000.27554 (D:\xxks\EXAMTEACHER.exe)
Cleaning D:\xxks\EXAMTEACHER.exe
WARNING: Could not deobfuscate method 06000185. Hello, E.T.: System.ApplicationException
Renaming all obfuscated symbols
Saving D:\xxks\EXAMTEACHER_de4dot.exe
ERROR: Error calculating max stack value. If the method's obfuscated, set CilBody.KeepOldMaxStack or MetaDataOptions.Flags (KeepOldMaxStack, global option) to ignore this error. Otherwise fix your generated CIL code so it conforms to the ECMA standard.
ERROR: Instruction operand is null
ERROR: Operand is not a local/arg
ERROR: Instruction is null
ERROR: Target instruction is too far away for a short branch. Use the long branch or call CilBody.SimplifyBranches() and CilBody.OptimizeBranches()
Ignored 7741 warnings/errors
Use -v/-vv option or set environment variable SHOWALLMESSAGES=1 to see all messages

Why?

cachito 09-02-2015 12:34

@speedboy
Try de4dot fixed by ivancitooz
http://rghost.net/8kVDPKcfc

It has several obfuscators updated :)

speedboy 09-02-2015 14:04

Quote:

Originally Posted by cachito (Post 101462)
@speedboy
Try de4dot fixed by ivancitooz
http://rghost.net/8kVDPKcfc

It has several obfuscators updated :)

It is not X86!

cachito 09-02-2015 21:56

Upload the exe and I will try for you :)

Black_Legion 09-30-2015 19:11

I have an exe which de4dot detects as Unknown Obfuscator. Class names, method names and member names are all like GUIDs, and it uses the "Call Hiding" obfuscation method.
Does anybody know what obfuscator it may be?

giv 10-01-2015 01:07

You can research which obfuscator it might be and add support to de4dot yourself.
Just take a look here:
Quote:

http://mrexodia.cf/coding/2015/07/17/Extending-de4dot/

Black_Legion 10-01-2015 14:33

As I researched into the obfuscators, it seems that it has been obfuscated with something like "disguiser.net". Is there any solution available for this one?

RDGMax 10-02-2015 05:58

......................................

Black_Legion 10-11-2015 22:05

I found it with the help of kao.
It was AppFuscator :-)

giv 10-12-2015 00:27

There are some tools for unpacking and string decrypting for this protector.

Mahmoudnia 12-21-2015 01:08

Hi giv
I cannot unpack this file with de4dot!
Quote:

http://www.p30office.com/index.php?sdmon=downloads/app-xoffice/SetupP30Office3-6-2-40630.zip
Quote:

POX.Shell.exe
Could you help me?
Thanks

msi_g 10-07-2016 01:24

A newbie question indeed. I used de4dot.exe to deobfuscate the attached folder using the -d flag. It deobfuscated all the obfuscated exes (Crypto Obfuscator), but the problem is now the program does not run, rather hangs.

https://mega.nz/#!00QmSZYK!56oBkSL9-7pc9KsMKEr7lW4cftLLluTyKyL-erLqvpQ

sendersu 10-07-2016 01:44

>but the problem is now the program does not run, rather hangs.

deobfuscating != correct run :)

You need to charge your mind and go down the rabbit hole.

Sound 10-07-2016 03:11

de4dot-Support.Reactor5.0-wuhensoft

http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z

msi_g 10-07-2016 05:07

Hi all, thanks for all! I unpacked it, but the problem is my patching is nasty, so the license window appears frequently, though it is not a big problem since you can put in anything of proper length and get licensed!!

Is there a better solution?

https://mega.nz/#!E0gTCKCb!hFeYMsc40_9ftsh0O-5GU19WosWFTCn333RoGA2JYBc

nocturo 01-16-2017 22:55

I'm trying to use this, but it says unknown obfuscator, and while it worked partially, the most important stuff is still obfuscated and can't be browsed. Can anyone help? Here's the link to the exe:

https://mega.nz/#!awFjCIZL!FobLU14jimDuOKAv8MdEjzyU0Jg0haLiIQztSOv1ps0

simx 01-21-2017 18:45

You can force de4dot to select which deobfuscation technique is to be used.

ivanov 01-27-2017 04:25

Quote:

Originally Posted by Sound (Post 107358)
de4dot-Support.Reactor5.0-wuhensoft

http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z

Interesting, works perfectly, except I still found something like "b0494a1f-4bd3-bFLN5Q3B5OEj76UB/UqymA==" in the Resources line.

cracki 07-10-2017 15:54

Can it deobfuscate SmartAssembly?

sendersu 07-11-2017 01:02

can - yes!
just GIAT!

CRC32 07-14-2017 00:59

Best Tool!

lahma 07-22-2017 10:59

Quote:

Originally Posted by Sound (Post 107358)
de4dot-Support.Reactor5.0-wuhensoft

http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z

Wow, I really appreciate this share. It helped me resolve some issues I was having with a particular binary, and even more important, it helped me figure out what I was doing wrong when attempting to manually unpack it.

schrodyn 03-16-2021 19:20

I was wondering if people are still using de4dot or are there better alternatives now?

TQN 03-17-2021 11:54

You can try this
https://github.com/HongThatCong/de4dot_mod

rasta 05-13-2021 04:24

Looks like de4dot mod is .NET 3.5 based. Anything for 4.x or even 5 available?

mdj 07-01-2021 21:08

Cannot decrypt Dotfuscator string.

blue_devil 02-27-2023 20:31

Hello friends,
I hate necrobumping, but I think this is the best place to ask a question about de4dot.

The original de4dot repo is this:
Quote:

https://github.com/de4dot/de4dot
This repo is archived and is not maintained now. There are a lot of different modified versions of de4dot; I personally use @Mobile46's modified version:
Quote:

https://forum.exetools.com/showthread.php?t=19822
https://github.com/mobile46/de4dot
You know dnSpy is also archived, but [thanks to the open source gods] a guy took responsibility and now maintains dnSpy:
Quote:

https://forum.exetools.com/showpost.php?p=127018&postcount=105
https://github.com/dnSpyEx/dnSpy
Maybe I have missed it: is there anyone who maintains and continues developing de4dot like dnSpy(Ex)? Or are modified versions of it all we have?

Thank you.

zen 02-28-2023 15:29

blue_devil, this was a great question, though I don't know the answer and usually use the mobile46 version as well. My collection is approximately the same as this dump:
https://github.com/ipwnosx/de4dot-All-Version-2021, meaning I have no secret de4dot. There are other good deobf tools like SAE which are also growing stale over time..

blue_devil 03-01-2023 05:58

Quote:

Originally Posted by zen (Post 127251)
blue_devil, this was a great question, though I don't know the answer and usually use the mobile46 version as well. My collection is approximately the same as this dump:
https://github.com/ipwnosx/de4dot-All-Version-2021, meaning I have no secret de4dot. There are other good deobf tools like SAE which are also growing stale over time..

I got it.

After writing this post, I have continued searching. Unfortunately, there is nobody who keeps developing de4dot (like in dnSpyEx). Nevertheless, we have modified versions. At least they are open source.

@zen, what do you mean by SAE? Do you mean, "Simple Assembly Explorer"? If it is, it is not a deobfuscator, am I wrong?

sendersu 03-01-2023 18:13

Yeah, SAE was quite a cool tool for its age... back 7..8+ years ago,
but it is still usable
https://github.com/wickyhu/simple-assembly-explorer

The only tool that could show decompilation output from more than one engine...
theoretically extendable

blue_devil 03-03-2023 15:43

Yeah, you are right, but I use dnSpy and Reflector+Reflexil, mostly.

sendersu 03-04-2023 15:32

dnSpy is super cool, except it uses a very old ILSpy decompiler engine under the hood (IL3 or IL4).
Right now IL8 is available, and it is a huge change compared to what is used in good old dnSpy... :(
BTW, Reflexil is available as a plugin for ILSpy as well, not just for .NET Reflector.


All times are GMT +8.