IOS-Reverse-objective-c code obfuscation-confuse.sh file notation

Source: Internet
Author: User
Tags uikit

Class-dump can be very convenient to export the program header file, not only to let the attackers understand the program structure to facilitate the reverse, but also to hurry to catch up with the progress of the imperfect program written to the peer left a laughingstock.

So, we are desperate to confuse our code.



The conventional thinking of confusion

Confusion points to many ideas, such as:

1) Flower Code flower instruction, that is, random to the program to add the code instruction of the confusing person

2) Easy-to-read character substitution

Wait a minute

An effective way to prevent class-dump from reading information is to replace the easy-to-read character.




Objective-c Method Name Confusion



The timing of the confusion

We want to keep clear and readable program code at the time of development to make it easy for you.

At the same time, the binary that you want to compile contains messy, confusing program code that is disgusting to others.

Therefore, we can set the string substitution for the method name before compiling in build Phrase.



The method of confusion

Method name confusion is actually a string substitution, there are 2 methods can be, one is # define, one is the use of tops.
The advantage of using the # define method is that it is possible to merge the results of the confusion in a. h, #import the prefix.pch at the front of the project. It is confusing to not import or compile, import.

A single-segment selector, such as Func:, can be substituted by a # define Func.
Multiple segments of selector, such as A:B:C:, can be replaced by a string of # A, B, and C respectively.




My obfuscation tool

I wrote a simple confusion script, the main idea is to focus on the sensitive method name in a file called Func.list, one-to-a-box into random characters, append write. h.

The script is as follows:

[Plain]View PlainCopy
  1. #!/usr/bin/env Bash
  2. Tablename=symbols
  3. symbol_db_file= "Symbols"
  4. String_symbol_file= "Func.list"
  5. head_file= "$PROJECT _dir/$PROJECT _name/codeobfuscation.h"
  6. Export Lc_ctype=c
  7. #维护数据库方便日后作排重
  8. CreateTable ()
  9. {
  10. echo "CREATE table $TABLENAME (src text, des text);" | Sqlite3 $SYMBOL _db_file
  11. }
  12. Insertvalue ()
  13. {
  14. echo "INSERT into $TABLENAME values (' $ ', ' $ ');" | Sqlite3 $SYMBOL _db_file
  15. }
  16. Query ()
  17. {
  18. echo "SELECT * from $TABLENAME where src= ' $ ';" | Sqlite3 $SYMBOL _db_file
  19. }
  20. Ramdomstring ()
  21. {
  22. OpenSSL rand-base64 64 | Tr-cd ' a-za-z ' |head-c 16
  23. }
  24. Rm-f $SYMBOL _db_file
  25. Rm-f $HEAD _file
  26. CreateTable
  27. Touch $HEAD _file
  28. Echo ' #ifndef Demo_codeobfuscation_h
  29. #define Demo_codeobfuscation_h ' >> $HEAD _file
  30. echo "//confuse string at ' Date '" >> $HEAD _file
  31. Cat "$STRING _symbol_file" | While Read-ra line; Do
  32. if [[!-Z ' $line]]; Then
  33. Ramdom= ' ramdomstring '
  34. echo $line $ramdom
  35. Insertvalue $line $ramdom
  36. echo "#define $line $ramdom" >> $HEAD _file
  37. Fi
  38. Done
  39. echo "#endif" >> $HEAD _file
  40. Sqlite3 $SYMBOL _db_file. Dump



Operation Steps



1. Place the confusion script confuse.sh in the project directory
MV Confuse.sh your_proj_path/


2. Modify PREFIX.PCH
Open Xcode, modify xxx-prefix.ch, add obfuscation header file:

[OBJC]View PlainCopy
    1. #ifdef __objc__
    2. #import <UIKit/UIKit.h>
    3. #import <Foundation/Foundation.h>
    4. //Add obfuscation header file (this file name is defined in script confuse.sh)
    5. #import "CodeObfuscation.h"
    6. #endif



3. Configure Build Phase
Add the Execute script action in the project build phase, execute the confuse.sh script,






4. Create the Function name list func.list, write the function names to be confused, such as:
-(void) sample;
-(void) SEG1: (NSString *) string SEG2: (Nsuinteger) num;


Write it like this:
Sample
Seg1
Seg2


and place the file in the same sibling as the confuse.sh script
MV Func.list your_proj_path/




5. Compiling view results
Direct build, the obfuscation script will run before compiling, random substitution of characters, and the random characters of each build are different,



IOS-Reverse-objective-c code obfuscation-confuse.sh file notation

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.