[tntn]

> My other option was to translate it into real assembly

I wrote a compiler from emoji-code to amd64 (mostly because I'm more interested in compilers than reversing). It runs quite fast - prints the whole domain in ~1 min. I'd highly recommend it to people who are into assembly, it was a fun exercise.

[archgoon]

How did you implement the JUMP_TOP instruction? You need to jump to the x86_64 instructions that correspond to the given emoji index; did you implement a jump table?

[tntn]

Yeah, I put labels corresponding to the original IP throughout and used a jump table.

[archgoon]

That's pretty cool! I just transliterated the instructions into C macros; but i didn't bother with the jump tables. The nice thing with this approach is that you can mix vm instructions with c code freely; and get gdb support. I needed that because speeding up via C wasnt enough to decode the full URL and I still needed to do additional reversing.

Was your method fast enough to get all three parts of the URL?

[tntn]

It produces the full domain name (up to .com) in ~ 1 minute. If there is more to the url (a path, ?= parameters, etc) after the domain name, then no.

[aereal]

would you mind sharing this? I'd love to check it out :)

[tntn]

https://pastebin.com/eEuJcy18