Comment by 🚀 LucasMW
@Half_Elf_Monk This isn't related to open source either. Source theft is happening everywhere, specially to private repositories. Imagine, for example, a private repository on github or other provider. The company has access to it, hackers may have as well.
This is more like an extra layer of work the thief will have to do before stealing it for whatever reason.
May 06 · 7 months ago
13 Later Comments ↓
I am having a hard time imagining how that would work. You keep your source, with many comments, in order to understand what it does a year later and maybe be able make some changes.Why would you keep obfuscated source around since it's impossible to understand or change?
It's like buying very uncomfortable furniture just in case someone breaks into your house and sits down.
I seem to recall people having fun with #def's so they could make code that said "like <insert function here> man"
You could just parse the preprocessed file. There's a standalone c parser that's a part of stb libraries, idk how robust it is given that c parsing is kinda nontrivial in some edge cases. Or just any c parser I guess. Then once you have the syntax tree, you walk through it and output everything the same as it was instead of variables/function names, which you remap to whatever you wanted to.
Btw renaming global symbols would make most projects not compilable anyway since they're expected to have the names they have for linking, both static and dynamic :)
@undefined. Thanks, I will check this stb parser, to see if it fits my needs.
@stack just imagine you can keep a map of the original to renamed symbols elsewhere and can obfuscate and deobfuscate easyly at will.
I don't have a solution to recommend, but I'm reminded of how Swift allows programmers to use emoji as variable names. https://www.globalnerdy.com/wordpress/wp-content/uploads/2014/06/poopy-swift-code-example.jpg
I understand, but I cannot imagine why anyone would expose source unless it was the intent! If you are hiding the secret part that makes it readable, why not hide the actual source file itself!
The only (awful) case I can imagine is if you are contractually obligated to deliver compilable sources but want to screw the other party ...
Maybe it can be useful if the names interfere with other files or are not valid on one computer, they can be automatically changed to names that do not interfere and are valid. However, it may be necessary to do this across multiple source files. (In some cases, it may make more sense to change the names after the file is compiled.)
As a bonus, try to use similar-looking unpronounceable symbols and make sure to use same names for locals, globals, and function names, as much as possible
Mixing I and 1, and O and 0 is good. Or use Unicode look-alike glyphs
Or better yet just post some junk code and really confuse them, whoever they are
Isn't abuse of goto making the worst spaghetti code possible another form of obfuscation? Combined with similar looking labels like above.
Automatically create a slew of loops and conditionals using bullshit variables initialized elsewhere, in such a way that they will get optimized out.
Original Post
Obfuscating C — I am working on a code obfuscator. Basically the idea is to rename every symbol in the program to another name, thus destroyng information. The idea is also customization of the generated names according to wordlists and rulesets (for example, one pokémon themed) I already have some kind of proof of concept: For example, this small program: [preformatted] I wish there was some shortcuts. Does anyone knows an easy way of given a source file, to extract a list of all variable...