[hackerspaces] Post Compiling Binary Obfuscation
Paul Böhm
paul at boehm.org
Fri Jul 10 00:06:33 CEST 2009
which os? which languages? a few years back (2002) we released the (to
our knowledge) first ELF binary encrypter (the binary format on a lot
of unixy OSs). search for teso burneye - but by now there are generic
unpackers for it. there's a lot more knowledge in the windows world
about how to do this (packer/unpacking are the keywords and it's
become an art of its own) - the essential hard part is that you never
wanna keep the whole binary unencrypted in memory or it can be easily
(more or less) retrieved from there. if you just wanna fool existing
tools, you just need to avoid to give indication that the unpacking
has completed (the program should already be running, and the unpacker
should just believe it's still the packer that is running). as for
dynamic languages your best bet is modifying the intermediate
representation and the interpreter (e.g. the .pyc files for python) -
possibly protecting the binaries of your own interpreter with the
binary packing techniques.
enki
On Thu, Jul 9, 2009 at 2:35 PM, Eric Michaud<eric at hackerspaces.org> wrote:
> Hey Guys and Gals,
>
> I had a interesting question posited to me recently at the space about
> obfuscating binaries.
>
> So the example would be.
>
>
> I have a binary I'm going to distribute. I know it'll eventually get
> reversed, but what I'm asking is how can I make it take longer without
> having to rewrite my code with the intention of obfuscation from the
> beginning.
>
> I'm happy to fill in more if any of you have questions, but I'd love to hear
> your thoughts.
>
> -E.
>
> _______________________________________________
> Discuss mailing list
> Discuss at lists.hackerspaces.org
> http://lists.hackerspaces.org/mailman/listinfo/discuss
>
>
More information about the Discuss
mailing list