Thank you
What do you need/want to obfuscate? The source code of your application or?
Sorry for send wrong link, i updated it a new wiki link.
What my friend want is:
Protection for trade secrets
Where the source code of a program must be sent to the user, for example JavaScript in a web page, any trade secret, licensing mechanism or other intellectual property contained within the program is accessible to the user. Obfuscation makes it harder to understand the code and make modifications to it.
Desktop programs sometimes include features that help to obfuscate their code. Some programs may not store their entire code on disk, and may pull a portion of their binary code via the web at runtime. They may also use compression and/or encryption, adding additional steps to the disassembly process.
Well I mean if you’re able to read a compiled Crystal program as if it was Crystal syntax, then you’re on some other level . Not sure there’s really a need to obfuscate binaries. Could maybe decompile the binary back into LLVM-IR? But I highly doubt there’s a way to go back to Crystal source from a binary.
Yes, this is my question, not sure about it, so ask question here
The entire code obfuscation industry is pretty much snake oil as far as I can tell.
Yeah, you can’t get back to nicely formatted code in the original language, but you can always get assembly out of it, and from there, anyone who can read assembly can figure out what the program does.
Software security is a cost issue. The purpose of obfuscation is never to completely prevent software from being reverse engineered, it is to try to increase the cost of understanding. The cost of reversing a toy application is different than an application protected by control flow flattening, VMP, packing. Obfuscation makes sense once the cost of reverse engineering is so high that no one wants to do it
@zw963 Maybe you can look at OLLVM. And the Crystal compiler can emit IR.
In fact, i don’t care about obfuscation things, i told one my CTO friends, Crystal is awesome, he ask me this question, then i ask here,
Almost any code and embedded algorithm can be recovered.
I use the Ghidra SRE tool that helps to decompile binary code back to a C-like code when I have to look at malicious code.
If that program is written in C++ then quite often I can restore even RTTI information and virtual methods as well as an instance variable and class methods.
So if computer can execute the code that means I will be able to remove obfuscation and restore most of the logic.
Thank you!