Jump to content
  • Advertisement
Sign in to follow this  
Nice Coder

Code Obfuscator.

This topic is 5044 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

[Edit: Text recovered from one of the deleted posts. - Oluseyi] I was thinking about writing a vbscript/vb code Obfuscator in visual basic. (to protect my source). How well does code obfucation (automatic, without you actually changing your code to make it harder to read), protect against hacks (if you've got obfucated anti-hack code.)?). I can currently think of three methods of code obfucation. 1. renaming of variables, constants, subroutines and procedures. 2. remove comments and whitespace, and other non-code items. 3. moving of code. For egsample if you hav the code A = 12 + 14 B = 30 C = 23 + 34 That would also work if it were C = 23 + 34 B = 30 A = 12 + 14 And any other way as well. Now if you have something like: A = 12 B = C + 15 D = 34 C = A + 2 E = C * A YOu could re-arrange that to B = C + 15 D = 34 A = 12 E = C * A C = A = 2 ... my problem is finding a way to do this automatically. What i was thinking about, for this, is to trace every modification, and the lines which later use them. for eg, in the second eg.. 0 A = 12 1 B = C + 15 2 D = 34 3 C = A + 2 4 E = C * A Line 0 would be required before lines 3 and 4. Therefore Line 0, could be moved to any line < 3. Line 1 is required before line 3 (because its rhs variable changes then), so any line before line 3 is fine. Line 2 Can be anywhere. It isn't referenced to anything else. Line 3, must come before line 4. And line 4 must come after line 3. What other methods are used in other code obfucators? How effective are these (and the other) methods? What pitfalls would there be to making my own obfucator? From, Nice coder [Edited by - Oluseyi on November 28, 2004 2:37:34 AM]

Share this post


Link to post
Share on other sites
Advertisement
What happened to my post?

First it double posts, then both of them are devoid of content (what happened, at least one of them had content when i checked).

That was wierd (and i have no backup :( (after i checked the one thread i knew that existed, i purged the copy. (i now have an interface to a hash ganerator on my clipboard)

From,
Nice coder

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Unless you've coded a proof that N=NP and you want to keep the G-men off your back, your code isn't worth obfuscating.

That said, just use M$'s VB to IL bytecode compiler.

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Of course that should be P=NP

Share this post


Link to post
Share on other sites
If I may paraphrase Brice Schneier:

"If I hide a secret in a safe and then hide the safe in New York, it isn't secure, it's just obscure. If, however, I hide a secret in a safe, then give you that safe along with plans that detail how the safe's lock works and you still can't read the secret, then and only then is that secret secure."

My point is this: Security through obscurity is not really security at all and is almost always a bad idea. To prevent hacks, you need a hack resistant algorithm or protocol, not an obfuscated one.

Share this post


Link to post
Share on other sites
Security through obscurity is the only kind that works on an untrusted client.
Really though, to make a proper obfuscator you'd need to write a VB compiler practically. Just hacking it up won't work very well (trust me, I've done exactly that =-)

Share this post


Link to post
Share on other sites
I seems to me that the simple reordering of code that you describe contributes very little to obsfucation, and would be a lot of work for very little payoff.

Something along the same lines that would be more effective is to obsfucate the structure of the code without affecting the execution. Move random blocks of code around and use gotos and function calls to connect them up. Jump in and out of loops. Mix in random code that will never be executed. Move random data into random classes. Make everything global.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!