First, set up the build environment

When you have the source code and want to obfuscate a program quickly without resorting to a packer, the best place to do it is at compile time.
The example used here is the simplest possible guess-the-number game.

The source code is:

#include <iostream>
#include <random>
#include <limits>

int main()
{
    // Seed a Mersenne Twister from the OS entropy source.
    std::random_device rd;
    std::mt19937 gen(rd());
    std::uniform_int_distribution<int> dist(1, 100);

    while (true) {
        int target = dist(gen);
        int guess = 0;
        int attempts = 0;

        std::cout << "\n========== Guess the Number ==========\n";
        std::cout << "A number between 1 and 100 has been generated.\n";
        std::cout << "Enter 0 to quit.\n\n";

        while (true) {
            std::cout << "Guess #" << attempts + 1 << ": ";

            if (!(std::cin >> guess)) {
                if (std::cin.eof()) {
                    // stdin was closed: nothing more to read, so stop instead of looping.
                    return 0;
                }
                // Non-numeric input: reset the stream state and discard the bad line.
                std::cin.clear();
                std::cin.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
                std::cout << "Please enter a valid number!\n";
                continue;
            }

            if (guess == 0) {
                std::cout << "Exited the game.\n";
                return 0;
            }

            attempts++;

            if (guess < target) {
                std::cout << "Too low, try again!\n";
            }
            else if (guess > target) {
                std::cout << "Too high, try again!\n";
            }
            else {
                std::cout << "\nCongratulations! The number was " << target << "!\n";
                std::cout << "You got it in " << attempts << " attempt(s).\n";
                break;
            }
        }

        std::cout << "\nPress 1 to play again, any other key to exit: ";
        int play_again;
        if (!(std::cin >> play_again) || play_again != 1) {
            std::cout << "Thanks for playing, goodbye!\n";
            break;
        }
    }

    return 0;
}
  1. Release build with O2 optimization and no symbol table


  2. Built with ollvm (-mllvm -fla), symbol table kept

Building the ollvm toolchain

This follows [2]. The platform is Windows, with VS2022 and a CMake environment already installed.

https://github.com/heroims/obfuscator/tree/llvm-9.0.1

After cloning, CMakeLists.txt has to be edited before the tree will configure on this toolchain; the changes follow [2].

[screenshots of the CMakeLists.txt edits omitted]

git clone -b llvm-9.0.1 https://github.com/heroims/obfuscator/
mkdir build
cd build

With MinGW:

cmake -G "MinGW Makefiles" -DCMAKE_BUILD_TYPE=Release ../obfuscator
cmake --build ./ -j 24

With MSVC (not recommended). The Visual Studio generator is multi-config, so CMAKE_BUILD_TYPE is ignored at configure time; the configuration has to be selected when building, otherwise you get a Debug build:

cmake -G "Visual Studio 17 2022" ../obfuscator/
cmake --build ./ --config Release -j 24



Three obfuscation passes are available; each one is an LLVM option, so every flag must be preceded by -mllvm:

  • -fla: control-flow flattening
  • -sub: instruction substitution (arithmetic and logic operations are replaced by equivalent but longer sequences)
  • -bcf: bogus control flow

Test it:

C:\Develop\C\ollvm\build\bin\clang++.exe .\main.cpp -mllvm -fla -o ollvm.exe


Now integrate it into CMake

Configure the CMake compiler kit in VS Code, pointing it at the build output directory (build/bin); if it is not listed, let VS Code scan for kits.


Use the following CMakeLists.txt, replacing CMAKE_CXX_COMPILER with your own path:

cmake_minimum_required(VERSION 3.11)
# The compiler must be chosen before project(), which is where CMake detects
# the toolchain; setting CMAKE_CXX_COMPILER afterwards has no effect on the
# current configure run. Alternatively pass -DCMAKE_CXX_COMPILER=... on the
# command line.
set(CMAKE_CXX_COMPILER "C:\\Develop\\C\\ollvm\\build\\bin\\clang++.exe")
project(example LANGUAGES CXX)
set(CMAKE_INCLUDE_CURRENT_DIR ON)
set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
# OLLVM flags are passed via target_compile_options below

set(PROJECT_INCLUDE

)
set(PROJECT_SOURCE
    src/main.cpp
)

add_executable(${PROJECT_NAME} ${PROJECT_INCLUDE} ${PROJECT_SOURCE})
target_compile_definitions(${PROJECT_NAME} PRIVATE UNICODE _UNICODE)
# -mllvm -fla enables control-flow flattening; -U__cpp_aligned_new undefines the
# feature-test macro so the MSVC STL headers do not take the aligned-new path
# when compiled with this clang 9 build.
target_compile_options(${PROJECT_NAME} PRIVATE -mllvm -fla -U__cpp_aligned_new)

You need a ninja or make that is on PATH (with its environment variables set up).


With Ninja:

cmake -G Ninja ..
ninja



Letting CMake drive the build (cmake --build .) works the same way.
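The CMakeLists.txt in this post hard-codes the compiler path and always applies -fla. The following is an added example, not from the original post or from the obfuscator project, showing a layout a practitioner would more likely keep in a repository: the compiler is chosen on the configure command line instead of inside the project, obfuscation is an option so the same tree also produces a clean Debug binary, the pass selection is one cache variable, and configuring fails early if the chosen clang is a stock build without the OLLVM passes. The option names OLLVM_ENABLE and OLLVM_PASSES and the source layout src/main.cpp are assumptions; the -mllvm flags are the three the post lists.

```cmake
cmake_minimum_required(VERSION 3.11)
project(example LANGUAGES CXX)

# The compiler is selected at configure time, for example:
#   cmake -G Ninja -DCMAKE_BUILD_TYPE=Release ^
#         -DCMAKE_CXX_COMPILER=C:/Develop/C/ollvm/build/bin/clang++.exe ..
# so this file carries no machine-specific path.

set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)

# Hypothetical option names (not from the original post).
option(OLLVM_ENABLE "Apply OLLVM passes to the Release configuration" ON)
set(OLLVM_PASSES "fla;sub;bcf" CACHE STRING "OLLVM passes to apply (fla, sub, bcf)")

add_executable(${PROJECT_NAME} src/main.cpp)
target_compile_definitions(${PROJECT_NAME} PRIVATE UNICODE _UNICODE)

if(OLLVM_ENABLE)
    include(CheckCXXSourceCompiles)
    # Fail early if the configured clang lacks the passes: a stock clang
    # rejects -fla as an unknown LLVM option and the probe does not compile.
    set(CMAKE_REQUIRED_FLAGS "-mllvm -fla")
    check_cxx_source_compiles("int main() { return 0; }" OLLVM_COMPILER_HAS_FLA)
    unset(CMAKE_REQUIRED_FLAGS)
    if(NOT OLLVM_COMPILER_HAS_FLA)
        message(FATAL_ERROR
            "${CMAKE_CXX_COMPILER} does not accept -mllvm -fla; "
            "point CMAKE_CXX_COMPILER at the ollvm build or configure with -DOLLVM_ENABLE=OFF")
    endif()

    # Every pass needs its own -mllvm prefix: -mllvm -fla -mllvm -sub -mllvm -bcf
    set(_ollvm_flags "")
    foreach(pass IN LISTS OLLVM_PASSES)
        list(APPEND _ollvm_flags -mllvm -${pass})
    endforeach()

    # Obfuscate only the Release configuration so Debug builds stay readable
    # for the developer. -U__cpp_aligned_new is the post's workaround for
    # building against the MSVC STL with clang 9.
    target_compile_options(${PROJECT_NAME} PRIVATE
        -U__cpp_aligned_new
        $<$<CONFIG:Release>:${_ollvm_flags}>)
endif()
```

With a single-config generator such as Ninja the passes are only applied when CMAKE_BUILD_TYPE=Release is given at configure time; with the Visual Studio generator they apply to the Release configuration selected via --config. A developer who needs a readable binary for debugging configures with -DOLLVM_ENABLE=OFF, and a build with a subset of passes is selected with, for example, -DOLLVM_PASSES="fla;bcf".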

References

[1] obfuscator-llvm/obfuscator, https://github.com/obfuscator-llvm/obfuscator/

[2] Compiling ollvm 9.0 and later on Windows and using it, https://www.cnblogs.com/revercc/p/16318849.html

[3] heroims/obfuscator (branch llvm-9.0.1), https://github.com/heroims/obfuscator/tree/llvm-9.0.1