Code Obfuscation

Obfuscation is making something complex and difficult to understand. Programming codes are often obfuscated to decrease the security risks such as preventing an attacker from reverse engineering a software program and protect intellectual properties.

Code obfuscation is not about changing the program’s original code contents, but rather about making the presentation of that code more confusing. Obfuscation does not change how the program works or outputs.

The following are some techniques we should know about obfuscation.

Renaming

The obfuscator alters the methods and names of variables. The new names may include unprintable or invisible characters.

Packing

This compresses the entire program to make the code unreadable.

String encryption

This method uses encryption to hide the strings in the executable and only restores the values when they are needed to run the program. This makes it difficult to go through a program and search for particular strings.

Control flow

The decompiled code is made to look like spaghetti logic, which is unstructured and hard to maintain code where the line of thought is obscured. Results from this code are not clear, and it’s hard to tell what the point of the code is by looking at it.

Instruction pattern transformation

This approach takes common instructions created by the compiler and swaps them for more complex, less common instructions that effectively do the same thing.

Dummy code insertion

Dummy code can be added to a program to make it harder to read and reverse engineer, but it does not affect the program’s logic or outcome.

Metadata or unused code removal

Unused code and metadata give the reader extra information about the program, much like annotations on a Word document, that can help them read and debug it. Removing metadata and unused code leaves the reader with less information about the program and its code.

Summary

Obfuscation techniques are used in various cases. For example, these can be used to stop someone from copying your client-side code. And enterprises also need to make sure that websites are protected against malicious code injection and it difficult to discover useful information such as trade secrets (IP), credentials, or security vulnerabilities from an application.

Hope you enjoy that.

By Asahi

Tweet