如何模糊OBJECT代码（而不是源代码）？ [英] Howto obfuscate OBJECT code (and not source code)?

问题描述

我在静态库中使用对象/机器代码（使用C ++编写和编译
），我希望使其难以进行逆向工程。我告诉别人有些人可以对这个对象/机器进行逆向工程

代码来生成部分或全部源代码，虽然它可能不是

琐碎的任务，这不可能。


我是否可以使用工具，流程或其他工具来实现这一目标？

我在

源代码端寻找类似于代码混淆（sp？）的东西，但是应用于目标代码。


我被告知可能有机制为Java字节码执行此操作

对象使其难以进行逆向工程。可能有一些类似于一般目标代码的物品（至少对于C ++

编译器/链接器）？


提前谢谢，

-Matt

-

[反编译除最小的机器代码库外，特别是

没有调试符号，是一项很大的工作。你可以很容易地拆解它们，但是弄清楚代码的作用是什么。

一个艰难的过程。除非您的图书馆在O（n ^ 2）时间内完成了解决旅行商问题的问题，否则我不会担心。

-John]

I have object/machine code in static library (written and compiled
using C++) that I wish to make difficult to reverse-engineer. I am
told by others that some could reverse-engineer this object/machine
code to generate some or all of the source, and while it may not be a
trivial task, it would not be impossible.

Do tools, processes, or other means exist by which I could do this?

I''m looking for something analogous to code obfuscation (sp?) on the
source-code side, but applied to the object code.

I am told that there may be mechanisms to do this for Java bytecode
objects to make them difficult to reverse engineer. Might there be
something similar for general object code (at least for C++
compilers/linkers)?

Thanks in advance,
-Matt
--
[Decompiling any but the smallest machine code libraries, particularly
in the absence of debugging symbols, is a great deal of work. You can
disassemble them easily enough, but figuring out what the code does is
a slog. Unless your library does something like solving the
travelling salesman problem in O(n^2) time, I wouldn''t worry about it.
-John]

推荐答案

Matt写道：

我在静态库中有对象/机器代码（使用C ++编写和编译）我希望难以进行逆向工程。我被其他人告知，有些人可以对这个对象/机器代码进行反向工程以生成部分或全部源代码，虽然它可能不是一项简单的任务，但它不会不可能。

I have object/machine code in static library (written and compiled
using C++) that I wish to make difficult to reverse-engineer. I am
told by others that some could reverse-engineer this object/machine
code to generate some or all of the source, and while it may not be a
trivial task, it would not be impossible.

哈哈，证明一下吧！我给你蛋糕，你重现鸡蛋，

好​​吗？但严重的是，没有违法行为，95％的C ++代码都不值得被盗！


祝福，

RC

[有人指出Java字节码的级别要高很多，并且比机器语言更易于反编译，无论是来自C ++还是

任何其他语言。我认为C ++会特别难以对b
进行反编译，因为模板和重载会产生非常臃肿的，b / b
凌乱的对象代码。 -John]

Haha, demonstrate it! I give you the cake and you reproduce the eggs,
ok? But seriously, no offense intended, 95% of all C++ code is not
worth to be stolen!

Best wishes,
R.C.
[Someone else pointed out that Java bytecode is a lot higher level and
a lot easier to decompile than machine language, whether from C++ or
any other language. I''d think that C++ would be particularly hard to
decompile because templates and overloading generate really bloated,
messy object code. -John]

Matt写道：

Matt wrote:

我在静态库中有对象/机器代码（编写和编译）
使用C ++）我希望难以进行逆向工程。 ...

我被告知可能有机制为Java字节码对象执行此操作，使其难以进行逆向工程。可能有一些类似于一般目标代码的东西（至少对于C ++
编译器/链接器）？

I have object/machine code in static library (written and compiled
using C++) that I wish to make difficult to reverse-engineer. ...

I am told that there may be mechanisms to do this for Java bytecode
objects to make them difficult to reverse engineer. Might there be
something similar for general object code (at least for C++
compilers/linkers)?

有.NET代码的混淆器（用于C ++和其他语言），但

我没有听说过本地代码。


-

Ioannis Vranos

http://www23.brinkster.com/noicys

There are obfuscators for .NET code (for C++ and other languages), but
I haven''t heard anything about native code.

--
Ioannis Vranos

http://www23.brinkster.com/noicys

Matt写道：

我在静态库中有对象/机器代码（使用C ++编写和编译）我希望难以进行逆向工程。 ...

我正在寻找类似于源代码端的代码混淆（sp？）的东西，但是应用于目标代码。
对象执行此操作，使其难以进行逆向工程。可能会有类似于一般目标代码的东西（至少对于C ++
编译器/链接器）？
[反编译除最小的机器代码库之外的任何代码库，特别是在没有调试符号的情况下，工作量很大。）你可以很容易地拆卸它们，但弄清楚代码的作用是一个艰难的过程。除非您的图书馆在O（n ^ 2）时间内解决旅行商问题，否则我不会担心。 -John]

I have object/machine code in static library (written and compiled
using C++) that I wish to make difficult to reverse-engineer. ...

I''m looking for something analogous to code obfuscation (sp?) on the
source-code side, but applied to the object code.

I am told that there may be mechanisms to do this for Java bytecode
objects to make them difficult to reverse engineer. Might there be
something similar for general object code (at least for C++
compilers/linkers)? [Decompiling any but the smallest machine code libraries,
particularly in the absence of debugging symbols, is a great deal of
work. You can disassemble them easily enough, but figuring out what
the code does is a slog. Unless your library does something like
solving the travelling salesman problem in O(n^2) time, I wouldn''t
worry about it. -John]

嗯，你也可以让代码难以反汇编。有用于代码压缩的

产品，以及用于创建难以解码的可执行

二进制代码的方法。查看P. Cerven的书，了解

一些Win / x86示例。


二进制混淆的最简单方法是使用内联函数，

高级优化和剥离调试信息的代码，如约翰写的那样。回想一下，如果没有至少-O2或-O3，编译后的代码

将与源代码非常相似。


从理论上讲，任何独立代码都可以被理解 - 只需通过模拟器运行它来获得
（以及操作系统）并分析不同的b / b
输入/情况。


问题在大多数情况下，你的对手有多少资源，

以及代码的大小和复杂程度。


对于C / C ++，你可以处理件源代码级别的代码和

这可以使代码混淆更容易。作为高级编程课程的一部分，我的一个学生得到了

a小混淆项目。

他的系统在部分
$中创建随机查找的自修改代码b $ b用户定义的程序。我认为他在完成项目后可以发布他的代码。


Michael

[啊，但如果他发布了他的代码，我们能算出来吗？

-John]

Well, you can also make the code hard to disassemble. There are
products for "code compression", and methods for creating executable
binary code that is hard to decode. Look at the book of P. Cerven for
some Win/x86 examples.

The easiest way of binary obfuscation is using inlined functions,
high level of optimization and stripping the code of debug info, as
John wrote. Recall that without at least -O2 or -O3 the compiled code
will be very similar to the source.

Theoretically, any standalone code can be understood - just run it
(and the OS) through simulator and analyze the trace for different
inputs/situations.

The problem in most cases is how much resources your opponents have,
and what is the size and complexity of your code.

For C/C++ you can process pieces of the code on source level, and
this can make code obfuscation much easier. One of my students had got
a small obfuscation project as a part of advanced programming course.
His system creates randomly looking self-modifying code in parts of
the program defined by the user. I think he would be able to publish
his code when he finishes the project.

Michael
[Ah, but if he publishes his code, will we be able to figure out out?
-John]

这篇关于如何模糊OBJECT代码（而不是源代码）？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！