https://github.com/apachecn-archive/pluto-obfuscator
Science Score: 13.0%
This score indicates how likely this project is to be science-related based on various indicators:
- ○ CITATION.cff file
- ✓ codemeta.json file (Found codemeta.json file)
- ○ .zenodo.json file
- ○ DOI references
- ○ Academic publication links
- ○ Academic email domains
- ○ Institutional organization owner
- ○ JOSS paper metadata
- ○ Scientific vocabulary similarity (Low similarity (8.5%) to scientific vocabulary)
Repository
Basic Info
- Host: GitHub
- Owner: apachecn-archive
- License: mit
- Language: LLVM
- Default Branch: main
- Size: 105 MB
Statistics
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
- Releases: 0
Metadata Files
README.md
Pluto-Obfuscator
Pluto is an obfuscator based on LLVM 12.0.1, mainly developed by 34r7h4mn and za233.
Pluto is a dwarf planet in the Kuiper belt, a ring of bodies beyond the orbit of Neptune.
Environment
This project was developed and tested on the following environment:
- Ubuntu 20.04.3 LTS
- Clang/LLVM 12.0.1
- CMake 3.16.3
- Ninja 1.10.0
You can also build this project on Windows and MacOS, or even merge it into Android NDK toolchain (tested on Android NDK r23).
Features
- Control Flow Flattening
- Bogus Control Flow
- Instruction Substitution
- Random Control Flow
- Variable Substitution
- String Encryption
- Globals Encryption
- Trap Angr (Experimental)
- MBA Obfuscation
Usage
Build on Linux/Windows
The following commands work on both Linux and Windows:
```shell
cd build
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
    -DCMAKE_BUILD_TYPE=Release -DLLVM_TARGETS_TO_BUILD="X86" \
    -DBUILD_SHARED_LIBS=On ../llvm
ninja
ninja install # Comment it out if you already have another version of LLVM installed on your machine
```
Build on MacOS
```shell
mkdir -p build
cd build
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
    -DCMAKE_BUILD_TYPE=Release \
    -DDEFAULT_SYSROOT=$(xcrun --show-sdk-path) \
    -DCMAKE_OSX_SYSROOT=/Library/Developer/CommandLineTools/SDKs/MacOSX11.3.sdk \
    -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \
    ../llvm
ninja
ninja install # Comment it out if you already have another version of LLVM installed on your machine
```
Filter Mode
If you only want to obfuscate specific functions, Pluto-Obfuscator provides an annotation-based filter mechanism that lets you specify which functions should or should not be obfuscated.
To enable this mechanism, pass -mllvm -filter-mode=include or -mllvm -filter-mode=exclude to clang as an argument.
- -filter-mode=include: only functions with the "include" annotation will be obfuscated.
- -filter-mode=exclude: functions with the "exclude" annotation will be ignored.
- -filter-mode=none: all functions will be processed (the default).
For example:
```shell
clang++ TestFilter.cpp -mllvm -fla -mllvm -filter-mode=include -o TestFilter_include # include mode
clang++ TestFilter.cpp -mllvm -fla -mllvm -filter-mode=exclude -o TestFilter_exclude # exclude mode
clang++ TestFilter.cpp -mllvm -fla -o TestFilter_default # default mode
```
The following snippet shows how to annotate functions. In this case, only foo1 will be obfuscated in include mode, only foo2 will be ignored in exclude mode, and foo3 will always be obfuscated:
```cpp
// Annotations read by the filter mechanism
#define FUNC_INCLUDE __attribute__((annotate("include")))
#define FUNC_EXCLUDE __attribute__((annotate("exclude")))

FUNC_INCLUDE void foo1(){ }
FUNC_EXCLUDE void foo2(){ }
void foo3(){ }

int main(){ foo1(); foo2(); foo3(); }
```
Test
Quick Test on AES
If you are developing your own passes based on this project, you can quickly check them using ./fast-check.sh [your-passes] (e.g., ./fast-check.sh gle mba mba-prob=40).
See fast-check.sh and test/aes.
Test on libsecp256k1
You can also use the crypto library libsecp256k1 as a test suite to ensure your passes work well in most cases before releasing. Use ./check.sh [your-passes] (e.g., ./check.sh -s -mllvm -mba -mllvm -mba-prob=50 -mllvm -fla-ex -mllvm -gle) to perform the test. It generally takes several minutes to complete.
Passed Parameters:
- Flattening: -O2 -mllvm -fla
- FlatteningEnhanced: -O2 -mllvm -fla-ex
- BogusControlFlow: -O2 -mllvm -bcf
- Substitution: -O2 -mllvm -sub
- GlobalsEncryption: -O2 -mllvm -gle
- MBAObfuscation: -O2 -mllvm -mba -mllvm -mba-prob=100
- FullProtection (HIGHLY RECOMMENDED): -s -mllvm -mba -mllvm -mba-prob=50 -mllvm -fla-ex -mllvm -gle
See check.sh and test/secp256k1.
Owner
- Name: ApacheCN 归档
- Login: apachecn-archive
- Kind: organization
- Email: wizard.z@qq.com
- Repositories: 180
- Profile: https://github.com/apachecn-archive
An archive set up to prevent important projects from being lost