IOS code obfuscation

Time:2019-10-9

Confusion principle

The code compilation phase replaces symbols (method name, attribute name, etc.) with randomly generated strings

To make a long story short, go straight to the next step.

Confusing integration steps

Step 1: Create a shell file (confuse. sh) and configure the corresponding running environment.

  • Create a new folder under the project root directory
    image.png
  • Here, take the folder name CodeObfuscation, as shown in the following figure
    image.png
  • Create a new shell file (. sh file) under the previous file
    image.png
  • Enter the file name: confuse. sh, click the Create button
    image.png
    image.png
  • Add a runtime environment to the. sh file
    image.png
  • Add the read path of the. sh file, $PROJECT_DIR/CodeObfuscation/confuse.sh, as shown below
    image.png
  • Add run content (run code) to the. sh file
    Copy and paste the following code into the confuse.sh file
TABLENAME=symbols
SYMBOL_DB_FILE="$PROJECT_DIR/CodeObfuscation/symbols"
STRING_SYMBOL_FILE="$PROJECT_DIR/CodeObfuscation/func.list"
HEAD_FILE="$PROJECT_DIR/CodeObfuscation/codeObfuscation.h"
export LC_CTYPE=C
 
# Maintaining the database for future weighting
createTable(){
  echo "create table $TABLENAME(src text, des text);" | sqlite3 $SYMBOL_DB_FILE
}
 
insertValue(){
  echo "insert into $TABLENAME values('$1' ,'$2');" | sqlite3 $SYMBOL_DB_FILE
}
 
query(){
 echo "select * from $TABLENAME where src='$1';" | sqlite3 $SYMBOL_DB_FILE
}
 
ramdomString(){
  openssl rand -base64 64 | tr -cd 'a-zA-Z' |head -c 16
}
 
rm -f $SYMBOL_DB_FILE
rm -f $HEAD_FILE
createTable
 
touch $HEAD_FILE
echo '#ifndef Demo_codeObfuscation_h
#define Demo_codeObfuscation_h' >> $HEAD_FILE
echo "//confuse string at `date`" >> $HEAD_FILE
cat "$STRING_SYMBOL_FILE" | while read -ra line; do
if [[ ! -z "$line" ]]; then
ramdom=`ramdomString`
echo $line $ramdom
insertValue $line $ramdom
echo "#define $line $ramdom" >> $HEAD_FILE
fi
done
echo "#endif" >> $HEAD_FILE
 
sqlite3 $SYMBOL_DB_FILE .dump

Step 2: Create func. list file

image.png

  • Enter the file name: func. list, click the Create button
    image.png

Step 3. Create the codeObfuscation.h file

image.png

  • Enter codeObfuscation. h and click the Create button
    image.png

Step 4. Include codeObfuscation. h into the PCH file, add the method name or attribute name to func. list to confuse.

  • Include codeObfuscation. h into the PCH file (if the program does not have a PCH file, refer to https://blog.csdn.net/yanglei3kyou/article/details/45891267).

image.png

  • Add confusing method or attribute names to the func. list file
    image.png

Step 5. Change the permissions of confuse.sh file

  • Open the terminal and CD to the Code Obfuscation folder.
  • Enter the LS command at the terminal and return to view the contents of the files in the folder as follows
    image.png
  • Enter sudo Chmod 777 confuse. sh command and return as follows
    image.png
  • Change the file permissions to be readable, writable and runnable. At this time, you need to type in the open secret code. The input content is not displayed under mac, and you can enter it directly.
  • Change confuse.sh file run permission to complete

Step 6. View the results

  • View the changes in the contents of the codeObfuscation. h file, as shown below
    image.png

Step 7. Confirmation of results

How do you know if the replacement is successful? We find the replacement method name or attribute name, Click to jump to the definition, and then jump to codeObfuscation. h to indicate that the replacement was successful.
image.png