In this tutorial we are going to show you some basic techniques used to protect your code from being reverse engineered.
NOTE: THIS TUTORIAL DOESN'T PROVIDE FULL PROTECTION AGAINST REVERSE ENGINEERING, BUT IT HELPS SOMEWHAT FOR BEGINNERS.
1- Have you implemented an algorithm and are afraid that someone will steal your code?
2- Do you want to make it difficult for those who want to compromise your framework or tool?
3- Do you have commercial products based on Arduino or AVR and want to keep the source code secret?
4- Are you a newbie malware writer? (I hope you are not.)
5- Maybe you are none of the above and just want to embarrass your friends with the new tricks you will learn.
This tutorial is meant for Linux users. I will soon create another instructable for Windows users ;) and the link will be here.
I need to point out that I will use the simple hello world example to illustrate these techniques, but they can be used in more complex examples.
Step 1: Requirements
You will need:
1- An x86 Linux machine with gcc installed. The same techniques can be applied on any architecture (x64, ARM, ...).
2- A compiled language such as C, C++ or any other language compiled directly into machine code (Java won't work, C# won't work).
3- Very basic knowledge of assembly language. (It is not a must, but it will help a lot.)
Step 2: The Basic Idea
We will discuss the techniques we will use to mess things up:
1- Hide all text
2- Insert some junk bytes in the middle of the code
3- Remove all symbols
Step 3: Encrypting Text
Keeping the text in the code as it is makes it simple for reverse engineers to find out where to start. They can easily manipulate this text or try to reverse engineer the code near these strings.
The first picture is the hex view for this code.
A malicious user can dig into your executable using any hex editor and change the text "hello world" into anything else.
So we need to encrypt the text using some basic functions.
I wrote this simple code to try to hide the hello world:
#define dec(x) ((x) + 5)
This code seems nasty, but it helps a lot. All it does is take each number, add 5 to it, then print it as a character.
It hides the string deep in the binary file, and that's it: goal accomplished.
All strings are hidden, at least in the hex view :D
You can check each program yourself:
1- Put each code in its own file, called hello1.c and hello2.c
2- From your terminal type:
3- To run these programs (and check the functionality), type "./hello1" then "./hello2"
4- The last step is to view the hex dump of these executables with "xxd hello1" and "xxd hello2"
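The following is an added example, not the author's hello2.c: it stores "hello world" shifted by 5, decodes it with the dec macro at run time, and then shows how little this hides by recovering the key from the stored bytes alone. The names hidden, reveal and recover_shift and the sample bytes are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define dec(x) ((x) + 5) /* the tutorial's decoder: add 5 to each stored value */

/* "hello world" with 5 subtracted from every byte (constructed sample data). */
static const unsigned char hidden[] = {
    'h' - 5, 'e' - 5, 'l' - 5, 'l' - 5, 'o' - 5, ' ' - 5,
    'w' - 5, 'o' - 5, 'r' - 5, 'l' - 5, 'd' - 5
};

/* Program's view: decode n stored bytes into out (room for n + 1 bytes). */
void reveal(const unsigned char *in, size_t n, char *out)
{
    for (size_t i = 0; i < n; i++)
        out[i] = (char)dec(in[i]);
    out[n] = '\0';
}

/* Analyst's view: try all 256 additive keys and return the first one that
 * turns every byte into a letter or a space, or -1 if none does. */
int recover_shift(const unsigned char *buf, size_t n)
{
    for (int k = 0; k < 256; k++) {
        size_t i = 0;
        while (i < n) {
            unsigned char c = (unsigned char)(buf[i] + k);
            if (!isalpha(c) && c != ' ')
                break;
            i++;
        }
        if (i == n)
            return k;
    }
    return -1;
}

int main(void)
{
    char text[sizeof hidden + 1];
    reveal(hidden, sizeof hidden, text);
    printf("%s\n", text);
    printf("recovered key: %d\n", recover_shift(hidden, sizeof hidden));
    return 0;
}
```

The string no longer shows up in "xxd" output, but a single-byte shift has only 256 possible keys, so treat it as a speed bump and not as encryption.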
Step 4: Add Some Junk Bytes
Our next step is to add some nonsense into the assembly file of our hello world so that we can hide every aspect of our code.
First we need to generate the .s file of our code: "gcc hello.c -S -masm=intel"
After that, open the file hello.s and search for main. (For this step you need to read through the assembly and understand the flow of the program to make sure that you don't break your code.)
On any line inside main (as I said, make sure you don't alter the flow of the program) type "jmp name"
You can write whatever you want for name, following the identifier rules. Then on the next line write "name:"
where name is the same name you used before. After that, between the "jmp name" and "name:" you can write some junk bytes (each should start with ".byte 0x" followed by a one-byte hex number).
This changes some of the instructions a disassembler shows, but the program still executes correctly :D because the jmp skips over the junk bytes.
Now, to build this assembly code, type "gcc hello.s -o hello"
and make sure that everything is OK.
Step 5: Remove All Symbols
After finishing all the previous techniques there is one last step to be done: remove the symbols and names from the code. A simple, good way to do this is the strip command.
Try running "strip hello"
After this step all names such as "main", "home" and "name" will be removed, so it will be somewhat difficult to trace the code you have written.
That's all, folks.