delphi obfuscator ( kod kurcalayıcı :P )

Delphi ile ilgili faydalı site adreslerini buraya gönderebilirsiniz.
Cevapla
Kullanıcı avatarı
mege
Admin
Mesajlar: 2360
Kayıt: 05 Şub 2004 04:32
Konum: Beşiktaş
İletişim:

delphi obfuscator ( kod kurcalayıcı :P )

Mesaj gönderen mege »

:arrow: http://www.the-interweb.com/serendipity ... cator.html

Dede ye karşı alınabilecek önlemlerden bahsedilmiş.
makalenin ekinde koduyla beraber bir program vermişler ama ne ölçüde obfuscator dür allah bilir :)

düzgün bir code obfuscatörü gören varmı??


0. Introduction
The advent of DeDe, the self-proclaimed Delphi Decompiler, in 1999 started a new era in reverse engineering programs compiled with Borland Delphi. In case you're not aware of this tool, the term decompiler is actually misleading to describe the functionality of DeDe as it implies that the tool can reconstruct Delphi source code from binary files. This is definitely not the case though.
What DeDe really is is a class browser that allows the user to browse the meta-data of all classes derived from TObject that are used in the binary file (that's equivalent to the classes of the VCL). It's basically an enhanced version of the Delphi object inspector that's used during Delphi development but it works for binary files instead of Delphi source files.
DeDe also comes with other features like a built-in disassembler but these other features were neither new nor as revolutionary as DeDe's core functionality.

1. What exactly is the problem?
At first glance the insight DeDe offers doesn't seem to be much of a problem. After all there's no critical data in the properties of the components you set in the object inspector when you implement your software. This line of thinking is fundamentally flawed though. There actually is critical data in these properties, and lots of it. Otherwise DeDe would have never had such an impact on reverse engineering Delphi binaries.
The critical data I'm talking about in the context of reverse engineering Delphi files are the names of the properties and some of their values.

Imagine a shareware program that can be registered using a standard name/password combination the user enters in a special dialog. The password can be entered in edit fields and the user confirms his input by clicking a button. Now what's more helpful to a person who wants to gain access to the important parts of the registration logic with the goal to crack the software? A resource named RegisterDialog or a resource named G5gAQLRICMZPIU?
What about a button named RegButton with a corresponding OnClick property called RegButtonClick? This is certainly a dead give-away for any potential attacker and because DeDe can resolve the addresses where these events can be found in the file and perform an instant disassembly of the code there the attacker could locate the critical code in less than three seconds.
Would a button named HoiDDdf4 with a property named KLF442E and a value like JHIogeeGEIffdF be just as valuable to the attacker, especially when it's buried in hundreds if not thousands of equally meaningless names? I think not.
And that's exactly what this paper intends to show you: How to make DeDe completely useless by obfuscating the data DeDe reads from Delphi binary files.
...
not: obfuscator nedir diyenlere
:arrow: http://www0.us.ioccc.org/years-spoiler.html

Kod: Tümünü seç

#include <ncurses.h>/*****************************************************/
            int               m[256                   ] [         256   ],a
 ,b   ;;;   ;;;   WINDOW*w;   char*l=""   "\176qxl"   "q"   "q"   "k"   "w\
xm"   "x"   "t"         "j"         "v"         "u"         "n"         ,Q[
 ]=   "Z"   "pt!ftd`"   "qdc!`eu"   "dq!$c!nnwf"/**   ***   */"t\040\t";c(
int   u ,         int         v){                     v?m   [u]         [v-
 1]   |=2,m[u][v-1] &   48?W][v-1   ] &   15]]):0:0;u?m[u   -1][v]|=1   ,m[
 u-               1][   v]&         48?               W-1   ][v         ]&
15]   ]):0:0;v<   255   ?m[   u][v+1]|=8,m[u][v+1]&   48?   W][   v+1]&15]]
):0         :0;         u <               255   ?m[   u+1         ][v   ]|=
4,m[u+1][   v]&48?W+1][v]&15]]):0:0;W][   v]&   15]   ]);}cu(char*q){   return
 *q               ?cu   (q+         1)&         1?q   [0]               ++:
q[0   ]--   :1;   }d(   int   u ,   int/**/v,   int/**/x,   int   y){   int
Y=y   -v,   X=x         -u;   int         S,s   ;Y<         0?Y   =-Y   ,s,
s=-   1:(   s=1);X<0?X=-X,S   =-1  :(S=   1);   Y<<=   1;X<<=1;   if(X>Y){
int   f=Y               -(X   >>1   );;               while(u!=         x){
f>=   0?v+=s,f-=X:0;u   +=S   ;f+=   Y;m[u][v]|=32;mvwaddch(w,v   ,u,   m[u
 ][               v]&   64?   60:         46)         ;if         (m[   u][
v]&16){c(u,v);;   ;;;   ;;;   return;}}   }else{int   f=X   -(Y>>1);;   while
 (v   !=y         ){f   >=0         ?u   +=S,               f-=         Y:0
 ;v   +=s   ;f+=X;m[u][v]|=   32;mvwaddch(w,v   ,u,m[u][v]&64?60:46);if(m[u
 ][                     v]&         16)   {c(   u,v                     );
  ;   return;;;}}}}Z(   int/**/a,   int   b){   }e(   int/**/y,int/**/  x){
int               i ;         for         (i=         a;i               <=a
+S;i++)d(y,x,i,b),d(y,x,i,b+L);for(i=b;i<=b+L;i++)d(y,x,a,i),d(y,x,a+   S,i
 );                     ;;;         ;;;         ;;;               ;;;   ;
  mvwaddch(w,x,y,64);   ;;;   ;;;   ;;;   prefresh(   w,b,a,0,0   ,L-   1,S-1
);}             main(         int               V ,   char              *C[
  ]   ){FILE*f=   fopen(V==1?"arachnid.c"/**/   :C[   1],"r");int/**/x,y,c,
v=0         ;;;      initscr              ();               Z(Z         (raw
 ()   ,Z(   curs_set(0),Z(1   ,noecho()))),keypad(    stdscr,TRUE));w   =newpad
  (   300,  300               ) ;   for         (x=   255   ; x   >=0   ;x--
  )   for   (y=   255   ;y>=0;y--   )m[   x][   y]=   0;x=y=0;refresh( );while
  (   (c=                           fgetc (f)   )+1)                    {if(
0||c==10||  x==   256){x=0;y++;if(y==256  )break;;}   else{m[x][y]=(c   ==
'~'   ?64   : c   ==32              ?0:         16)   ;;x               ++;
      }}for(x=0   ;x<   256;x++)m   [x][0]=16   ,m[   x][   255]=16;for(y=0
;y<         256   ; y         ++)   m[0         ][y   ] =               16,
m[255][y]   =16   ;a=b=c=0;   x=y   =1;   do{v++;mvwaddch   (w,   y,x   ,m[
x][         y]&               32?   m[x                     ][y   ] &   16?
 0|   acs_map[l[m[x][y]&15]]:46 :   32);c==0163&&!(m[x][y+1]&16)?y++:   0;c
 ==   119         &&!         (m[                                       x][
 y-   1]&   16)   ?y--:0;;c   ==97  &&!(m[x-1][y]&16)?x--:0;c==100&&!(m[x+1
 ][   y]&   16)         ? x   ++:0              ;if(                    c==
 3-   1+1   ){endwin(   );;   return(0)   ;}x   -a<5?a>S-   5?a-=S-5:(a=0):
0;x               -a>         S-5?a<255   -S*         2?a               +=S
-5:(a=256-S):0;   y-b<5?b>L-5?b-=L-5:(b   =0)   :0;   y-b>L-5?b<255-L   *2?
b+=                                       L-5   :(b                     =256
-L)   :0;e(x,y);if(m[x][y]&64)break;}while((c=getch())!=-1);endwin();cu(Q);
printf(Q,v);}
başka örnek

Kod: Tümünü seç

#define Nd Np define
#define Ni(N) Np include <std##N##.h>
#define Np ??=

Ni(def)
Ni(io)
Ni(lib)

Nd Ba BC(B, I)
Nd Be BC(Br, I)
Nd Ca(C, Ca) CB(B, In C, Ca)
Nd Cl(Cl) Cl Cl
Nd Cs const
Nd FrB N = Zr; Fr((O, B = BrB(BrF, I)))
Nd Fe(F) FO (In = Zr; F; In++)
Nd FF FB(B); FB(BF);
Nd FI Fe(IO)
Nd FO for
Nd Fr(F) FO (I = Zr; F; I++)
Nd II I I, In
Nd In(I, Ir) main(I, Ir)
Nd IO In[O[C + I]]
Nd Ir(I) if (I)
Nd Nb N > N && N > -O
Nd Rb(Rb, B) BBr(Br, Rb, B)
Nd Re return
Nd Sc struct
Nd Si(Te) sizeof (Te)
Nd Te typedef
Nd Zn N < Zr

Te char C;
Te int I;
Te size_t Si;
Te void V;

Cs C *Na =

    "H   "                                                              "He  "
    "Li  Be  "                                      "B   C   N   O   F   Ne  "
    "Na  Mg  "                                      "Al  Si  P   S   Cl  Ar  "
    "K   Ca  Sc  Ti  V   Cr  Mn	 Fe  Co  Ni  Cu  Zn  Ga  Ge  As	 Se  Br  Kr  "
    "Rb  Sr  Y 	 Zr  Nb  Mo  Tc  Ru  Rh  Pd  Ag  Cd  In  Sn  Sb  Te  I   Xe  "
    "Cs  Ba* Lu  Hf  Ta	 W   Re  Os  Ir  Pt  Au  Hg  Tl  Pb  Bi  Po  At  Rn  "
    "Fr  Ra**"

        "   *La	 Ce  Pr  Nd  Pm	 Sm  Eu	 Gd  Tb  Dy  Ho	 Er  Tm	 Yb  "
        "  **Ac  Th  Pa  U   Np  Pu  ";
Cs C *Xe = "111%%d:\0\n";
Cs C H[] = "22";
Cs C U[] = "3";
Cs I Zr = 0;
Cs I O = 1;
Cs I W = 2;

V (*At)(V) = abort;
V (*F)(V *) = free;
V *(*Mo)(Si) = malloc;
I (*Pr)(Cs C *, ...) = printf;
I (*P)(I) = putchar;

Nd Tm(B,C) \
Sc B { \
	C *B; \
	I N; \
} ; \
Te Sc B *B; \
\
B N##B (I) ; \
V F##B (B) ; \
C B##C (B, I) ; \
V C##B (B, I, C) ; \
\
B N##B (I N) { \
	B B; \
\
	Re (W, B = Mo(Si(Sc B))) ? \
		(O, B->B = Mo(((W, B->N = N) ? N : O) * Si(C))) ? \
			B Cl(: (At(), B)); \
} \
V F##B (B B) { \
	F(B->B); \
	F(B); \
} \
C B##C (B B, I N) { \
	Re B->Nb ? B->B[N] : (C) Zr; \
} \
V C##B (B B, I N, C C) { \
	N; \
	B->Nb ? B->B[N] = C : C ? At(), C : C; \
}

Tm(B,C)

V Pb (B) ;
I Bi (B) ;
C Co (B, B, I) ;
B Sb (B, I) ;

V Pb (B B) {
	I I;
	Fr(Ba) 
		P(Ba);
}
I Bi (B B) {
	I I;
	Fr(Ba) ;
	Re I;
}
C Co (B Br, B B, I N) {
	I I;
	Fr(I < N)
		Ir(Be - Ba)
			Re Be - Ba;
	Re Zr;
}
B Sb (B Br, I N) {
	B B;
	I I;

	B = NB(Zn ? Bi(Br) + N : N);
	FO(I = Zn ? -N : Zr; Zn ? Be : I < N; I++)
		CB(B, Zn ? I + N : I, Be);
	Re B;
}

Tm(Br,B)

V PBr (Br, I) ;

V PBr (Br B, I N) {
	I I;
	Pr(W * W + Xe, N);
	Fr(BrB(B, I)) {
		P(O[Na]);
		Pb(BrB(B, I));
	}
	P(Xe[W << W]);
}

B Dy (B, I) ;
I S (C, B) ;
Br Sr (Br) ;

B Dy (B Br, I N) {
	B B;
	C C, Cr;
	II;

	B = NB(W * Bi(Br));
	FO(In = I = Zr; (O, C = Be); I++) {
		FO(Cr = O; (W, C == BC(Br, I + Cr)); Cr++) ;
		I += Cr - O;
		Ca(++, Cr + Si(H)**H - Si(U)**U);
		Ca(++, C);
	}
	Ir(N)
		FB(Br);
	Ca(-N, W[H]);
	Re B;
}
I S (C C, B Br) {
	B B, BF;
	II;

	Ir(C == BC(Br, Zr))
		Re Zr;

	Fr(Be) {
		B = Cl(BF = Sb(Br, I); )

		Fe(BC(B, Zr)) {
			B = Dy(B, W);
			Ir(C == BC(B, Zr)) {
				FF
				Re Zr;
			}

			Ir(In % W)
				BF = Dy(BF, W);

			Ir(Zr == Co(B, BF, Bi(BF))) {
				FF
				Re O;
			}
		}

		FF
	}
	B = Dy(Br, Zr);
	I = S(C, B);
	FB(B);
	Re I;
}
Br Sr (Br BrF) {
	Br Br;
	B B, BF;
	II, N;

	FrB
		N += Bi(B);
	Br = NBr(N);
	FrB {
		Rb(N++, B);
		Fe(BC(B, In + O))
			S(BC(B, In), BF = Sb(B, -In - O)) ?
				Ca(+O, O[U]),
				Rb(N++, B = BF),
				In = Zr :
				(FB(BF), W);
	}
	FBr(BrF);
	Rb(N, (V *) Zr);
	Re Br;
}

I In (I, C **) ;

I In (I N, C ** C) {
	Br Br;
	B B;
	II;

	Br = NBr(--N);
	Fr(I < N) {
		FI ;
		Rb(I, B = NB(In));
		FI
			Ca(-Zr, IO);
	}

	Fr(BrB(Br, Zr)) {
		Br = Sr(Br);
		PBr(Br, I);

		Fe((W, B = BrB(Br, In))) {
			Rb(In, Dy(B, Zr));
			FB(B);
		}
	}
	
 {   }  {    }  {   } { } { }  {  }  {  }   { } {     } {   } {    }
{     } { { } } { }   { } { } { }   { }    {   }  { }   { }   { { } }
{ { } } {    }  {   } { } { }  { }  { }   { { } } { }   {   } { {  } }  C;
{     } { { } } { }   { } { }   { } { }   {     } { }   { }   { { } }
 {   }  {    }  { }    {   }  {  }   {  } { } { } { }   {   } {    }

	Re Zr;
}
nerede kullanılır diyenlere : açık kodlu dillerde müşterinin kodu kurcalamaması için,2. dene sonra al bileşenlerde kodu müşterinin anlamaması için, 3 işten atılan programcının en büyük intikamıdır :D
.-.-.-.-.-.-.-. ^_^
Kullanıcı avatarı
pro_imaj
Kıdemli Üye
Mesajlar: 1364
Kayıt: 18 Oca 2005 05:45
Konum: Dünyadan

Mesaj gönderen pro_imaj »

Mege hocam bu olay. kod şifreleyici tarzında bişeymi yoksa dedeye karşı bir önlemmi.

Yani son yazdığınız çok hoştu işten atılan programcının intikamı :)

Teşekkürler.
Gün gelecek, dilleri, elleri ve ayakları yapmış oldukları bütün kötülükleri tek tek bildirerek aleyhlerinde şahitlik edecektir. [Nur Suresi 24]
_________________
Cevapla