We can use the Classdump to dump the original program, like the previous article (Class-dump installation and use of records (export the application's header file), we can see all the. h files are completely exposed (e.g.)
After clicking on the HWAccount.h, the function name and the property name are the same:
This is the equivalent of being in a bare-Ben, and we need to confuse the code. To put it simply, it is to make your username and function name is not readable, such as your user name of the variable name defined as UserName, then you must be normal, if the hacker dump out of this variable name will become ABCD or 1234, so he does not know what you are used to do.
First, in the project path to establish a confuse.sh, a func.list file
1. Open the terminal first, then CD to your project project path:
$ cd/users/yoowei/desktop/Learning Material (Hello)/Important Information/code obfuscation experiment/yoowei
2. Create two files, one confuse.sh, one func.list
$ Touch confuse.sh
$ Touch Func.list
3, this time we open this project folder, you can see, these two files have been created:
4, open the project, add the two files just created, right-click your project Blue flag, and then select Add Files to Yoowei:
5, click Confuse.sh, found or blank, you need to add the following script:
#!/usr/bin/env Bash
Tablename=symbols
symbol_db_file= "Symbols"
String_symbol_file= "Func.list"
head_file= "$PROJECT _dir/$PROJECT _name/codeobfuscation.h"
Export Lc_ctype=c
#维护数据库方便日后作排重
CreateTable ()
{
echo "CREATE table $TABLENAME (src text, des text);" | Sqlite3 $SYMBOL _db_file
}
Insertvalue ()
{
echo "INSERT into $TABLENAME values (' $ ', ' $ ');" | Sqlite3 $SYMBOL _db_file
}
Query ()
{
echo "SELECT * from $TABLENAME where src= ' $ ';" | Sqlite3 $SYMBOL _db_file
}
Ramdomstring ()
{
OpenSSL rand-base64 64 | Tr-cd ' a-za-z ' |head-c 16
}
Rm-f $SYMBOL _db_file
Rm-f $HEAD _file
CreateTable
Touch $HEAD _file
Echo ' #ifndef Demo_codeobfuscation_h
#define Demo_codeobfuscation_h ' >> $HEAD _file
echo "//confuse string at ' Date '" >> $HEAD _file
Cat "$STRING _symbol_file" | While Read-ra line; Do
if [[!-Z ' $line]]; Then
Ramdom= ' ramdomstring '
echo $line $ramdom
Insertvalue $line $ramdom
echo "#define $line $ramdom" >> $HEAD _file
Fi
Done
echo "#endif" >> $HEAD _file
Sqlite3 $SYMBOL _db_file. Dump
Script from: http://blog.csdn.net/yiyaaixuexi/article/details/29201699
6. Referencing a file in a. pch file
In general, you will get an error when adding, because the script file has not been referenced
Second, configuration Build Phase
1. Add Run Script
2. Configure Run Script
$PROJECT _dir/confuse.sh
3. Open Permissions
Then go back to the terminal, the same CD to the project directory, and then we have to open just. sh This script file run permissions, because the default is not this permission, enter the following command in the terminal:
$ chmod 755 confuse.sh
Enter, go back to our project, COMMAND + B to compile the project, and then open the sentence we just commented out (. pch file error)
Command + b Compile again, problem solved, compile successfully.
Third, in the Func.list file, write the function name to be confused
The properties that need to be confused with the function name are listed in Fun.list:
Done! Now command + B to run, and then where to look at the results, see here:
In came HWAccount.h found:
Finally, I found that all of the projects used in the name of the place are replaced by a macro, but can not run up, this need to study to solve?
IOS Source code obfuscation (initial confusion)