Your SlideShare is downloading. ×
Code obfuscation
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Code obfuscation


Published on

Published in: Education, Technology

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Code Obfuscation Tool for Software Protection
  • 2. Outline Why Code Obfuscation Features of a code obfuscator  Potency  Resilience  Cost Classification of Obfuscating Transformations
  • 3. Why use Code ObfuscationTechniques Mainly to defend against Software Reverse Engineering We can only make it more difficult for reverse engineers Available obfuscating tools work in the same way as compiler optimizers Reduce required space and time for compilation
  • 4.  The level of security that an Obfuscator adds depends on:  The transformations used  The power of available deobfuscators  The amount of resources available to deobfuscators
  • 5. Main features of a Code Obfuscator Potency: is the level up to which a human reader would be confused by the new code Resilience: is how well the obfuscated code resists attacks by deobfuscation tools Cost: is how much load is added to the application
  • 6. Code Obfuscation Reverse P1 Reverse Engineer engineering P1, P2, .., Pn exatracts piece of Pn program Obfuscation makes reverse engineering difficult Obfuscation Reverse Engineering fails P1, P2, .., Pn Q1, Q2, .., Qm Transformations
  • 7. Protection through Obfuscation
  • 8. Obfuscation methods Mainly based on target information that we want to modify/obfuscate
  • 9. Obfuscation Methods Lexical transformations  Modify variable names Control transformations  Change program flow while preserving semantics Data transformations  Modify data structures Anti-disassembly Anti-debugging
  • 10. Kinds of obfuscation for each targetinformation
  • 11. Available JavaScript Obfuscators Most available commercial JavaScript obfuscators work by applying Lexical transformations Some obfuscators that were considered are:  Stunnix JavaScript Obfuscator  Shane Ngs GPL-licensed obfuscator  Free JavaScript Obfuscator
  • 12. Example:From Stunnix Actual code:  Obfuscated code: function foo( arg1)  function z001c775808( { z3833986e2c) { var var myVar1 = "some z0d8bd8ba25= string"; //first comment "x73x6fx6dx65x20x73x 74x72x69x6ex67"; var var intVar = 24 * 3600; z0ed9bcbcc2= (0x90b+785- //second comment 0xc04)* (0x1136+6437- /* here is 0x1c4b); document. write( a long "x76x61x72x73x20x61 multi-line comment blah */ x72x65x3a"+ z0d8bd8ba25+ "x20"+ document. write( "vars z0ed9bcbcc2+ "x20"+ are:" + myVar1 + " " + z3833986e2c);}; intVar + " " + arg1) ; };
  • 13. Step by step examination The Stunnix obfuscator targets at obfuscating only the layout of the JavaScript code As the obfuscator parses the code, it removes spaces, comments and new line feeds While doing so, as it encounters user defined names, it replaces them with some random string It replaces print strings with their hexadecimal values It replaces integer values with complex equations
  • 14.  In the sample code that was obfuscated, the following can be observed User defined variables:  foo replaced with z001c775808  arg1 replaced with z3833986e2c  myvar1 replaced with z0d8bd8ba25  intvar replaced with z0ed9bcbcc2 Integers:  20 replaced with (0x90b+785-0xc04)  3600 replaced with (0x1136+6437-0x1c4b) Print strings:  “vars are” replaced with x76x61x72x73x20x61x72x65x3a  Space replaced with x20
  • 15. References [Collberg] C. Collberg, “The Obfuscation and Software Watermarking homepage”, Obfuscation/index.html [Stunnix JavaScript Obfuscator] [Shane Ngs GPL-licensed obfuscator] obfuscator.html [Free JavaScript Obfuscator]