Introduction to Software Engineering/Tools/Obfuscation
Obfuscated code is source or machine code that has been made difficult to understand for humans. Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or its logic to prevent tampering, deter reverse engineering, or as a puzzle or recreational challenge for someone reading the source code. Programs known as obfuscators transform readable code into obfuscated code using various techniques. Code obfuscation is different in essence from hardware obfuscation, where description and/or structure of a circuit is modified to hide its functionality.
Overview
[edit | edit source]Some languages may be more prone to obfuscation than others.[1][2] C,[3] C++,[4] and Perl[5] are some examples.
Recreational obfuscation
[edit | edit source]Writing and reading obfuscated source code can be a brain teaser for programmers. A number of programming contests reward the most creatively obfuscated code: the International Obfuscated C Code Contest, Obfuscated Perl Contest, and International Obfuscated Ruby Code Contest.
Types of obfuscations include simple keyword substitution, use or non-use of whitespace to create artistic effects, and self-generating or heavily compressed programs.
Short obfuscated Perl programs may be used in signatures of Perl programmers. These are JAPHs ("Just another Perl hacker").[citation needed]
Examples
[edit | edit source]This is a winning entry from the International Obfuscated C Code Contest[6] written by Ian Phillipps in 1988[7] and subsequently reverse engineered by Thomas Ball.[8]
/*
LEAST LIKELY TO COMPILE SUCCESSFULLY:
Ian Phillipps, Cambridge Consultants Ltd., Cambridge, England
*/
#include <stdio.h>
main(t,_,a)
char
*
a;
{
return!
0<t?
t<3?
main(-79,-13,a+
main(-87,1-_,
main(-86, 0, a+1 )
+a)):
1,
t<_?
main(t+1, _, a )
:3,
main ( -94, -27+t, a )
&&t == 2 ?_
<13 ?
main ( 2, _+1, "%s %d %d\n" )
:9:16:
t<0?
t<-72?
main( _, t,
"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l,+,/n{n+,/+#n+,/#;\
#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l q#'+d'K#!/+k#;\
q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# ){nl]!/n{n#'; \
r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#\
\
n'wk nw' iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c ;;\
{nl'-{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;\
#'rdq#w! nr'/ ') }+}{rl#'{n' ')# }'+}##(!!/")
:
t<-50?
_==*a ?
putchar(31[a]):
main(-65,_,a+1)
:
main((*a == '/') + t, _, a + 1 )
:
0<t?
main ( 2, 2 , "%s")
:*a=='/'||
main(0,
main(-61,*a, "!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry")
,a+1);}
It is a C program that when compiled and run will generate the 12 verses of The 12 Days of Christmas. It contains all the strings required for the poem in an encoded form within the code.
A non-winning entry from the same year, the next example illustrates creative use of whitespace; it generates mazes of arbitrary length [9]:
char*M,A,Z,E=40,J[40],T[40];main(C){for(*J=A=scanf(M="%d",&C);
-- E; J[ E] =T
[E ]= E) printf("._"); for(;(A-=Z=!Z) || (printf("\n|"
) , A = 39 ,C --
) ; Z || printf (M ))M[Z]=Z[A-(E =A[J-Z])&&!C
& A == T[ A]
|6<<27<rand()||!C&!Z?J[T[E]=T[A]]=E,J[T[A]=A-Z]=A,"_.":" |"];}
Modern C compilers don't allow constant strings to be overwritten, which can be avoided by changing "*M" to "M[3]" and omitting "M=".
An example of a JAPH:
@P=split//,".URRUU\c8R";@d=split//,"\nrekcah xinU / lreP rehtona tsuJ";sub p{
@p{"r$p","u$p"}=(P,P);pipe"r$p","u$p";++$p;($q*=2)+=$f=!fork;map{$P=$P[$f^ord
($p{$_})&6];$p{$_}=/ ^$P/ix?$P:close$_}keys%p}p;p;p;p;p;map{$p{$_}=~/^[P.]/&&
close$_}%p;wait until$?;map{/^r/&&<$_>}%p;$_=$d[$q];sleep rand(2)if/\S/;print
This slowly displays the text "Just another Perl / Unix hacker", multiple characters at a time, with delays. An explanation can be found here.
Some Python examples can be found in the official Python programming FAQ.
Disadvantages of obfuscation
[edit | edit source]At best, obfuscation merely makes it time-consuming, but not impossible, to reverse engineer a program. [10]
Obfuscating software
[edit | edit source]A variety of tools exists to perform or assist with code obfuscation. These include experimental research tools created by academics, hobbyist tools, commercial products written by professionals, and open-source software. There also exist deobfuscation tools that attempt to perform the reverse transformation.
Although the majority of commercial obfuscation solutions work by transforming either program source code[11][12], or platform-independent bytecode as used by Java[13] and .NET[14], there are also some that work with C and C++[15][16] - languages that are typically compiled to native code.
Notes
[edit | edit source]- ↑ Obfuscation: Cloaking your Code from Prying Eyes
- ↑ Jeff Atwood, May 15 2005
- ↑ Obfuscation
- ↑ C++ Tutorials - Obfuscated Code - A Simple Introduction | DreamInCode.net
- ↑ Pe(a)rls in line noise
- ↑ [The International Obfuscated C Code Contest]
- ↑ "International Obfuscated C Code Winners 1988 - Least likely to compile successfully"
- ↑ "Reverse Engineering the Twelve Days of Christmas" by Thomas Ball
- ↑ Don Libes, Obfuscated C and Other Mysteries, John Wiley & Sons, 1993, pp 425. ISBN 0-471-57805-3
- ↑ "Can We Obfuscate Programs?" by Boaz Barak
- ↑ Open Directory - Computers: Programming: Languages: JavaScript: Tools: Obfuscators
- ↑ Open Directory - Computers: Programming: Languages: PHP: Development Tools: Obfuscation and Encryption
- ↑ Open Directory - Computers: Programming: Languages: Java: Development Tools: Obfuscators
- ↑ Open Directory - Computers: Programming: Component Frameworks: .NET: Tools: Obfuscators
- ↑ Cloakware Application Security
- ↑ Morpher - Compiler Driven Obfuscation
References
[edit | edit source]- B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan and K. Yang. "On the (Im)possibility of Obfuscating Programs". 21st Annual International Cryptology Conference, Santa Barbara, California, USA. Springer Verlag LNCS Volume 2139, 2001.
- Mateas, Michael; Nick Montfort. "A Box, Darkly: Obfuscation, Weird Languages, and Code Aesthetics". Proceedings of the 6th Digital Arts and Culture Conference, IT University of Copenhagen, 1–3 December 2005. pp. 144–153. http://nickm.com/cis/a_box_darkly.pdf.
External links
[edit | edit source]- The International Obfuscated C Code Contest
- Protecting Java Code Via Code Obfuscation, ACM Crossroads, Spring 1998 issue
- Protect Your Java Code - Through Obfuscators And Beyond, April 2009
- Dotfuscator in Visual Studio on MSDN resource page — Visual Studio 2008 documentation for built-in .NET obfuscation
- Obfuscation tools for .NET, on MSDN — Obfuscation resources for .NET, on the Microsoft Developer Center.
- Can we obfuscate programs?
- Yury Lifshits. Lecture Notes on Program Obfuscation (Spring'2005)
- Obfuscate member names in .NET code
- Java obfuscators at Curlie
- Analysis of the 12 days program
- Analysis of the obfuscated maze generating program
- Obfuscated Perl program with explanation
- Making C compiler generate obfuscated code
- Protect php code via code obfuscation