Keep Your ###code Safe From ###reverse ###engineers Like Boss

About: Two things you should know about me; The first is that I am deeply suspicious of people in general. It is my nature to expect the worst of them. And the second is that I am unexpectedly good with computers

In this tutorial we are going to show you some basic techniques used to protect your code from being reverse engineered.

1- Have you implemented an algorithm and afraid that someone steal your code ?
2- Do you want to to make it difficult for those who want to compromise your framework or tool?
3-you have commercial products based on arduino or AVR and want to keep the source code secret?
4- are you Newbie malware writer ? (I hope you are not )
5- maybe you are none of the above but just you want to embarrass you friends with the new tricks you will learn.

this tutorial is meant to be for linux users I will soon create another instructable for windows users ;) and the link will be here.
I need to point out that I will use the simple hello world example to illustrate these techniques. But it can be used in more complex examples.

Step 1: Requirements

you will need :

1- x86 linux machine. same techniques can be applied for any architecture (x64 , arm ,.....) with gcc installed
2- some sort of compiled language as C ,C++ or any other language compiled directly into machine language (java won't work, C# won't work)

3- the very basic knowledge of assembly language. (It is not a must but it will help alot).

Step 2: The Basic Idea

we will discuss the techniques we will use to mess things up:

1-hide all texts
2- insert some junk bytes in the middle of the code
3- remove all symbols

Step 3: Encrypting Text

keeping the texts in the code as it is makes it simple for reverse engineers to find out where to start. and they can easily manipulate this text easily or try to reverse engineer the code near these strings
the first picture is the hex view for this code

int main()

printf("Hello, world\n");


malicious user and dig into your executable using any hex editor and change the text hello world into anything else

so we need to encrypt the text using some basic functions
I wrote that simple code to try to hide the hello world

#define dec(x) x+5
int main()
{ printf("%c%c%c%c%c%c%c%c%c%c%c%c",dec(99),dec(96),dec(103),dec(103),dec(106),dec(27),dec(114),dec(106),dec(109),dec(103),dec(95),dec(5));

this code seems nasty but it helps a lot all it does is take each number and add 5 to it then print it as character.
it makes the string hidden deep in the binary file and thats it goal is accomplished
all strings are hidden at least in the hex view :D
you can check each program by your self by:
1- put each code in file called hello1.c and hello2.c
2- from your termianal type:
make hello1
make hello2
3- to run these codes (check the functionality) type "./hello1" then "./hello2"
4- last step is to view the hex dump of these executables by "xxd hello1" and "xxd hello2"

Step 4: Add Some Junk Bytes

our next step is to add some nonsense into the assembly file of our hello world so that we can hide every aspect of our code.
first we need to generate the .s file of our code "gcc hello.c -S -masm=intel"
after that open the file hello.s and search for main (For this step you need to read through assembly and understand the flow of the program to make sure that you don't break your code)
on any line inside main (As I said make sure you don't alter the flow of program) type "jmp name"
you can write whatever you want in name following the identifier rules then on the next line write "name : "
where name is the same name as you used before after that between the "jmp name" and "name:" you can write some junk bytes ( should start by ".byte 0x" than 1 byte hex number)
this will alter some of the instructions used but will execute correctly :D
now to build this assembly code type (gcc hello.s -o hello)
and make sure that everything is ok

Step 5: Remove All Symbols

after finishing all the previous techniques there is one last step to be done replace the symbols and names from the code a simple good way to do this is simply the strip command
try running strip hello
after this step all names as "main" and "home" and "name" will be removed so it will be somewhat difficult to trace the code you have written

Thats all Folks .
please donate us at bitcoins address to support us providing high quality instructables



    • Organization Contest

      Organization Contest
    • Remix Contest

      Remix Contest
    • Paper Contest

      Paper Contest

    2 Discussions