From: | "Michael Tiomkin" <tmk@netvision.net.il> |
Newsgroups: | comp.lang.c++,comp.compilers |
Date: | 14 May 2005 19:00:56 -0400 |
Organization: | http://groups.google.com |
References: | 05-05-092 |
Keywords: | code |
Posted-Date: | 14 May 2005 19:00:56 EDT |
Matt wrote:
> I have object/machine code in static library (written and compiled
> using C++) that I wish to make difficult to reverse-engineer. ...
>
> I'm looking for something analogous to code obfuscation (sp?) on the
> source-code side, but applied to the object code.
>
> I am told that there may be mechanisms to do this for Java bytecode
> objects to make them difficult to reverse engineer. Might there be
> something similar for general object code (at least for C++
> compilers/linkers)?
> [Decompiling any but the smallest machine code libraries,
> particularly in the absence of debugging symbols, is a great deal of
> work. You can disassemble them easily enough, but figuring out what
> the code does is a slog. Unless your library does something like
> solving the travelling salesman problem in O(n^2) time, I wouldn't
> worry about it. -John]
Well, you can also make the code hard to disassemble. There are
products for "code compression", and methods for creating executable
binary code that is hard to decode. Look at the book of P. Cerven for
some Win/x86 examples.
The easiest way of binary obfuscation is using inlined functions,
high level of optimization and stripping the code of debug info, as
John wrote. Recall that without at least -O2 or -O3 the compiled code
will be very similar to the source.
Theoretically, any standalone code can be understood - just run it
(and the OS) through simulator and analyze the trace for different
inputs/situations.
The problem in most cases is how much resources your opponents have,
and what is the size and complexity of your code.
For C/C++ you can process pieces of the code on source level, and
this can make code obfuscation much easier. One of my students had got
a small obfuscation project as a part of advanced programming course.
His system creates randomly looking self-modifying code in parts of
the program defined by the user. I think he would be able to publish
his code when he finishes the project.
Michael
[Ah, but if he publishes his code, will we be able to figure out out?
-John]
Return to the
comp.compilers page.
Search the
comp.compilers archives again.