IOS security defense (23): Objective-C code obfuscation

IOS security defense (23): Objective-C code obfuscation

Class-dump can easily export program header files. It not only allows attackers to understand the program structure and facilitates reverse engineering, but also leaves a joke to the peers for programs that are not well-developed during the rush.

Therefore, we are eager to confuse our code.

Conventional obfuscation ideas

Obfuscation involves many ideas, such:

1) write code instructions, that is, add confusing code instructions to the program at will.

2) easy-to-read character replacement

And so on.

An effective way to prevent class-dump from producing readable information is to replace readable characters.




Objective-C method name Obfuscation

At the time of obfuscation, we hope to keep clear and readable program code during development for convenience.

At the same time, we hope that the compiled binary will contain messy and confusing program code, which is disgusting to others.

Therefore, we can set in Build Phrase to replace the method name string before compilation.

Obfuscation method name obfuscation is actually a string replacement. There are two methods, one is # define, and the other is tops.
One advantage of using the # define method is that the obfuscation results can be merged into a. h, at the very beginning of the Project Prefix. pch # import this. h. You can also compile or import data without importing data to achieve obfuscation.

Single-segment selector, such as func:, can be replaced by # define func.
Multi-segment selector, such as a: B: c:, can be replaced by # define a, B, c.




My obfuscation tools
I wrote a simple obfuscation script. The main idea is to write the sensitive method names in a file named func. list, # define one by one into random characters, and append the content to. h.

The script is as follows:

#! /Usr/bin/env bashTABLENAME = symbolsSYMBOL_DB_FILE = "symbols" STRING_SYMBOL_FILE = "func. list "HEAD_FILE =" $ PROJECT_DIR/$ PROJECT_NAME/codeObfuscation. h "export LC_CTYPE = C # maintain the database to facilitate future deduplication of createTable () {echo" create table $ TABLENAME (src text, des text ); "| sqlite3 $ SYMBOL_DB_FILE} insertValue () {echo" insert into $ TABLENAME values ('$ 1',' $ 2'); "| sqlite3 $ SYMBOL_DB_FILE} query () {echo "select * from $ TABLENAME whe Re src = '$ 1'; "| sqlite3 $ SYMBOL_DB_FILE} ramdomString () {openssl rand-base64 64 | tr-cd 'a-zA-Z' | head-c 16} rm-f $ SYMBOL_DB_FILErm-f $ HEAD_FILEcreateTabletouch $ HEAD_FILEecho '# ifndef encode # define demo_codeObfuscation_h '> $ HEAD_FILEecho "// confuse string at 'date'"> $ HEAD_FILEcat "$ STRING_SYMBOL_FILE" | while read-ra line; do if [[! -Z "$ line"]; then ramdom = 'ramdomstring' echo $ line $ ramdom insertValue $ line $ ramdom echo "# define $ line $ ramdom" >>$ HEAD_FILE fidoneecho "# endif" >>$ HEAD_FILEsqlite3 $ SYMBOL_DB_FILE. dump

Procedure

1. Place the obfuscation script confuse. sh in the project directory.
Mv confuse. sh your_proj_path/


2. Modify Prefix. pch
Open Xcode, modify the XXX-Prefix.ch, and add the obfuscation header file:

# Ifdef _ OBJC _ # import <UIKit/UIKit. h> # import <Foundation/Foundation. h> // Add the obfuscation header file (the file name is the script confuse. sh) # import "codeObfuscation. h "# endif

3. Configure Build Phase
Add and execute scripts in the project Build Phase and execute the confuse. sh script,

4. Create the function name list func. list and write the name of the function to be confused, for example:
-(Void) sample;
-(Void) seg1 :( NSString *) string seg2 :( NSUInteger) num;


Write as follows:
Sample
Seg1
Seg2


And place the file at the same level as the confuse. sh script.
Mv func. list your_proj_path/




5. Compile and view the results
Build directly. The obfuscation script runs before compilation and performs random replacement of characters. The random characters of each build are different,