Re: Assembly obfuscation

From: Randall Hyde (randyhyde_at_earthlink.net)
Date: 03/18/04


Date: Thu, 18 Mar 2004 05:36:25 GMT

You might want to take a look at the "Shroud" program that
Gimpel Software put out several years ago. Did the same thing
for C source code.
Cheers,
Randy Hyde

"Nadasi Peter" <peter@indigo2.hszk.bme.hu> wrote in message
news:Pine.LNX.4.21.0403180006030.28148-100000@indigo2.hszk.bme.hu...
> Hi,
>
> I'm new here :-)
> As my project at the university I would like to make an assembly
> obfuscator, and I ask for your help: advice, help, RTFMs...
>
> Ground idea:
> 1., Compile the C, C++ or whatever source to assembly
> 2., Make a proper and very hard obfuscation in the assembly code (with
> perhaps Perl or C)
> 3., Build the exec from the obfuscated assembly to machine code
>
> Benefits:
> 1., Still the same program but hard to understand when disassembled
> 2., Good base for further source code watermarking
> 3., We can handle our assembly source like a simple text file and make
> fine text manipulations.
> 4., Does not affect (or just very little) the execution speed
>
> Now where I am, what are my ideas:
> 1., Read the whole assembly source, and randomly change the place of each
> block in the source file
> (block is eg.:
> LabelX:
> mov %eax, %ebp
> nop
> jmp LabelZ
> )
>
> 2., Make other jmps within the block to another bogus label make some nop
> or just simply jmp back to a new label where the rest of the original
> block should continue
> 3., When a jmp is called, the label to jump to is computed from the former
> states of the program
> 4., Make some easter-eggs, when conditional jump occurred then in case of a
> specified range normal function is committed, else it jumps to another
> label where some very strange and worthless but hard to understand stuff
> is done.
>
>
> Any other ideas, advices, links or hints are welcome!
> I think in the golden era of asm there were such tricks and demosceners used
> them often... asm shuffling, etc...
>
> Thanks in advance for your help!
>
> Peter
>
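
Seen from the analysis side, idea 1 in the quoted post (shuffled blocks that stay linked by direct jmps) can be undone statically by following those jmps, which is the gap idea 3's computed targets are meant to close. The Python below is an added example, not code from the thread; the sample listing, the label `LabelY`, the block bodies and all function names are constructed for illustration.

```python
import re
# Constructed sample (AT&T syntax): blocks shuffled in the file, execution order kept by direct jmps.
SHUFFLED = """\
LabelZ:
    ret
LabelX:
    mov %eax, %ebp
    nop
    jmp LabelY
LabelY:
    xor %ebx, %ebx
    jmp LabelZ
"""
LABEL = re.compile(r"^\s*([A-Za-z_.$][\w.$]*):\s*$")
JMP = re.compile(r"^\s*jmp\s+([A-Za-z_.$][\w.$]*)\s*$")   # direct jmp to a label only

def split_blocks(text):
    """Return {label: [instruction lines]} for every labelled block."""
    blocks, current = {}, None
    for line in text.splitlines():
        m = LABEL.match(line)
        if m:
            current = m.group(1)
            blocks[current] = []
        elif line.strip() and current is not None:
            blocks[current].append(line.strip())
    return blocks

def linearize(text, entry):
    """Follow direct jmps from `entry`; return labels in execution order."""
    blocks, order, label = split_blocks(text), [], entry
    while label in blocks and label not in order:    # stop on loops and unknown targets
        order.append(label)
        m = JMP.match(blocks[label][-1]) if blocks[label] else None
        if m is None:        # ret, conditional jump or computed jmp: the static chain ends here
            break
        label = m.group(1)
    return order

def rebuild(text, entry):
    """Emit the chain in execution order, dropping jmps that became fallthroughs."""
    blocks, order, out = split_blocks(text), linearize(text, entry), []
    for label, nxt in zip(order, order[1:] + [None]):
        body = list(blocks[label])
        m = JMP.match(body[-1]) if body else None
        if m and m.group(1) == nxt:
            body.pop()
        out += [label + ":"] + ["    " + ins for ins in body]
    return "\n".join(out)
```

`rebuild(SHUFFLED, "LabelX")` returns the three blocks in execution order with the linking jmps removed; a block ending in a computed target such as `jmp *%eax` stops the chain at that block.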


