Obfuscation on Windows as well as on Linux


OHPen
May 10th, 2007, 12:15
Hi,

I am trying to code my own module for code obfuscation. Therefore I did some research to look at how other protections work, etc.
(Securom, Pace, some custom obfuscators, etc.)

Now I ask myself whether it should be possible to create an obfuscation module which is able to work under Windows as well as under Linux. Since I plan just to replace certain parts of the code with obfuscated code, it should be possible, right?

Any ideas concerning that?

PAPi

evlncrn8
May 10th, 2007, 16:45
Usually the obfuscation is done at source code level using scripts / macros etc.

LLXX
May 12th, 2007, 15:23
A polymorphic register swapper should work on both Windows and Linux...

OHPen
July 15th, 2007, 08:22
I'm not so interested in the obfuscation which is done via source code macros, etc.

I'm more interested in binary obfuscation. It makes an obfuscator more independent from syntax-stuff problems, and so on...
This is especially interesting for obfuscating binary algorithms.

PAPi

cEnginEEr
July 15th, 2007, 09:35
I remember some years ago a Spanish VXer (Mental Driller) published a real metamorphic engine in 29A zine with amazing capabilities; at the time it was (still is) a real pain in the neck for AV people. This engine consists of these sub-engines:

1- Disassembler: disassemble the binary code
2- Shrinker: remove junk code and unnecessary jumps
3- Morpher: morph every disassembled instruction
4- Obfuscator: divide the whole code into pieces, shuffle them, make links...
5- Assembler: guess what...

I think it can help you with binary level obfuscation.

Regards

OHPen
July 22nd, 2007, 04:32
@cEnginEEr: Thx, I will take a look. I hope I'm able to get a copy of those engines...

Regards,

PAPi