Code Monkey home page Code Monkey logo

wang-guangcheng / pluto-obfuscator Goto Github PK

View Code? Open in Web Editor NEW

This project forked from bluesadi/pluto

0.0 0.0 0.0 107.83 MB

Obfuscator based on LLVM 12.0.1

License: MIT License

C++ 33.04% CMake 0.15% Shell 0.02% Go 0.03% OCaml 0.07% Python 0.36% C 6.48% LLVM 47.90% Assembly 10.94% Objective-C 0.70% Roff 0.01% HTML 0.27% Swift 0.01% CSS 0.01% Batchfile 0.01% Perl 0.02% Starlark 0.01% Dockerfile 0.01% Emacs Lisp 0.01% TypeScript 0.01%

pluto-obfuscator's Introduction

Pluto-Obfuscator

Pluto is an obfuscator based on LLVM 12.0.1, being developed and maintained by 34r7h4mn and za233.

Pluto is a dwarf planet in the Kuiper belt, a ring of bodies beyond the orbit of Neptune.

Environment

This project was developed and tested on the following environment:

  • Ubuntu 20.04.3 LTS
  • Clang/LLVM 12.0.1
  • CMake 3.16.3
  • Ninja 1.10.0

You can also build this project on Windows and MacOS, or even embed it in Android NDK toolchain (need some adjustment, tested on Android NDK r23).

Features

  • Control Flow Flattening
  • Bogus Control Flow
  • Instruction Substitution
  • Random Control Flow
  • Variable Substitution
  • String Encryption
  • Globals Encryption
  • Trap Angr
  • MBA Obfuscation

Usage

Building on Linux/Windows

The following commands work on both Linux and Windows:

cd build
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
    -DCMAKE_BUILD_TYPE=Release -DLLVM_TARGETS_TO_BUILD="X86" \
    -DBUILD_SHARED_LIBS=On ../llvm
ninja

Building on MacOS

mkdir -p build
cd build
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
    -DCMAKE_BUILD_TYPE=Release \
    -DDEFAULT_SYSROOT=$(xcrun --show-sdk-path) \
    -DCMAKE_OSX_SYSROOT=/Library/Developer/CommandLineTools/SDKs/MacOSX11.3.sdk \
    -DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \
    ../llvm
ninja

Test

Fast test on AES

Run a test case of AES to check out buggy code quickly and roughly.

See fast-check.sh and test/aes.

Full test on libsecp256k1

We have a full test on a crypto library named libsecp256k1 from bitcoin-core/secp256k1, to insure our passes work fine in most cases.

Passed:

  • Flattening: -O2 -mllvm -fla
  • BogusControlFlow: -O2 -mllvm -bcf
  • Substitution: -O2 -mllvm -sub
  • GlobalsEncryption: -O2 -mllvm -gle
  • MBAObfuscation: -O2 -mllvm -mba -mllvm -mba-prob=100

See check.sh and test/secp256k1.

pluto-obfuscator's People

Contributors

za233 avatar bluesadi avatar ylarod avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.