IOS Source code obfuscation (initial confusion)

We can use the Classdump to dump the original program, like the previous article (Class-dump installation and use of records (export the application's header file), we can see all the. h files are completely exposed (e.g.)

After clicking on the HWAccount.h, the function name and the property name are the same:

This is the equivalent of being in a bare-Ben, and we need to confuse the code. To put it simply, it is to make your username and function name is not readable, such as your user name of the variable name defined as UserName, then you must be normal, if the hacker dump out of this variable name will become ABCD or 1234, so he does not know what you are used to do.

First, in the project path to establish a confuse.sh, a func.list file

1. Open the terminal first, then CD to your project project path:

$ cd/users/yoowei/desktop/Learning Material (Hello)/Important Information/code obfuscation experiment/yoowei

2. Create two files, one confuse.sh, one func.list

$ Touch confuse.sh

$ Touch Func.list

3, this time we open this project folder, you can see, these two files have been created:

4, open the project, add the two files just created, right-click your project Blue flag, and then select Add Files to Yoowei:

5, click Confuse.sh, found or blank, you need to add the following script:

#!/usr/bin/env Bash

Tablename=symbols

symbol_db_file= "Symbols"

String_symbol_file= "Func.list"

head_file= "$PROJECT _dir/$PROJECT _name/codeobfuscation.h"

Export Lc_ctype=c

#维护数据库方便日后作排重

CreateTable ()

{

echo "CREATE table $TABLENAME (src text, des text);" | Sqlite3 $SYMBOL _db_file

}

Insertvalue ()

{

echo "INSERT into $TABLENAME values (' $ ', ' $ ');" | Sqlite3 $SYMBOL _db_file

}

Query ()

{

echo "SELECT * from $TABLENAME where src= ' $ ';" | Sqlite3 $SYMBOL _db_file

}

Ramdomstring ()

{

OpenSSL rand-base64 64 | Tr-cd ' a-za-z ' |head-c 16

}

Rm-f $SYMBOL _db_file

Rm-f $HEAD _file

CreateTable

Touch $HEAD _file

Echo ' #ifndef Demo_codeobfuscation_h

#define Demo_codeobfuscation_h ' >> $HEAD _file

echo "//confuse string at ' Date '" >> $HEAD _file

Cat "$STRING _symbol_file" | While Read-ra line; Do

if [[!-Z ' $line]]; Then

Ramdom= ' ramdomstring '

echo $line $ramdom

Insertvalue $line $ramdom

echo "#define $line $ramdom" >> $HEAD _file

Fi

Done

echo "#endif" >> $HEAD _file

Sqlite3 $SYMBOL _db_file. Dump

Script from: http://blog.csdn.net/yiyaaixuexi/article/details/29201699

6. Referencing a file in a. pch file

In general, you will get an error when adding, because the script file has not been referenced

Second, configuration Build Phase

1. Add Run Script

2. Configure Run Script

$PROJECT _dir/confuse.sh

3. Open Permissions

Then go back to the terminal, the same CD to the project directory, and then we have to open just. sh This script file run permissions, because the default is not this permission, enter the following command in the terminal:

$ chmod 755 confuse.sh

Enter, go back to our project, COMMAND + B to compile the project, and then open the sentence we just commented out (. pch file error)

Command + b Compile again, problem solved, compile successfully.

Third, in the Func.list file, write the function name to be confused

The properties that need to be confused with the function name are listed in Fun.list:

Done! Now command + B to run, and then where to look at the results, see here:

In came HWAccount.h found:

Finally, I found that all of the projects used in the name of the place are replaced by a macro, but can not run up, this need to study to solve?

IOS Source code obfuscation (initial confusion)