A set of programs used for benchmarking the strength of obfuscation
By Obfuscation Benchmarks we mean programs which can be obfuscated using different tools at: source code, intermediate representation and/or machine code level. The reason for obfuscating these programs can be (but is not limited) to compare the strength of different obfuscation transformations/implementations against both human-assisted and automated attacks. This repository contains the source code of C programs, which can be used as obfuscation benchmarks.
basic-algorithms
contains typical algorithms taught in Bachelor level computer science and programming courses, e.g. factorial, sorting algorithms, searching algorithms, greatest common divisor, least common multiple, etc.resources
contains archives of some of the tools we used for our experiments. We install these tools in an automated Docker build (instructions provided below), where one can play around with the tools and scripts provided in this repository, without the hassle of installing an configurating everything from scratch.simple-hash-functions
contains non-cryptographic hash functionssmall-programs
contains a set of 48 programs with few lines of code constructed by varying the following code characteristics:
tigress-generated-programs
contains a large set of programs automatically generated by the RandomFuns
transformation of the Tigress C Diversifier/Obfuscator by varying the following command line options:
Seed
randomization seedRandomFunsTypes
data type of variablesRandomFuns Operators
types of operators (e.g. arithmetic, logic)RandomFunsControlStructures
control structure of the programRandomFunsBasicBlockSize
the number of statements in each basic blockRandomFunsForBound
the type of bound in loop conditions (e.g. constant, input dependent)scrips
contains bash, Python and R scripts to obfuscate C programs
using the Tigress and ollvm obfuscation tools and to perform a
symbolic execution attack described a series of papers by Banescu et
al. [1], [2] and [3]. For more details about how to use these scripts
see README inside folder.Based on Ubuntu 14.04, having the following software installed:
To run GUI apps from the container execute the following command:
XSOCK=/tmp/.X11-unix
XAUTH=/tmp/.docker.xauth
touch $XAUTH
xauth nlist $DISPLAY | sed -e 's/^..../ffff/' | xauth -f $XAUTH nmerge -
docker run -it --volume=$XSOCK:$XSOCK:rw \
--volume=$XAUTH:$XAUTH:rw \
--env="XAUTHORITY=${XAUTH}" \
--env="DISPLAY" --user="klee" banescusebi/obfuscation-symex
If you also want to mount your current directoy to a directlory called
test
then replace the last command from above with:
docker run -it --volume=$XSOCK:$XSOCK:rw \
--volume=$XAUTH:$XAUTH:rw \
--env="XAUTHORITY=${XAUTH}" \
--env="DISPLAY" --user="klee" \
--mount type=bind,src="$(pwd)",dst=/home/klee/test \
banescusebi/obfuscation-symex
This post helpful to follow in order to run GUI apps from the container on macOS X. For convenience we present the steps here:
brew install socat
socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CLIENT:\"$DISPLAY\"
Install xQuartz either using the following commands or downloding the .dmg file from the website.
brew install xquartz
After installing xQuartz run the following command:
open -a XQuartz
In the preferences window of XQuartz, in the "Security" tab, check the "Allow connections from network clients" checkbox.
IP=$(ifconfig en0 | grep inet | awk '$1=="inet" {print $2}')
docker run -it -v /tmp/.X11-unix:/tmp/.X11-unix \
-e DISPLAY=$IP:0 banescusebi/obfuscation-symex