Skip to content

Commit

Permalink
chane styles
Browse files Browse the repository at this point in the history
  • Loading branch information
@SsageParuders
SsageParuders committed Jul 30, 2022
1 parent 323855c commit 935b76a
Show file tree
Hide file tree
Showing 9 changed files with 36 additions and 36 deletions.
Binary file modified Demo/main
View file
Binary file not shown.
4 changes: 2 additions & 2 deletions Demo/main.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@
#include <stdlib.h>
#include <stdio.h>

int add(int a, int b) __attribute((__annotate__(("funwra bcf fla strenc indibr")))){
int add(int a, int b) __attribute((__annotate__(("split bcf fla strenc")))){
return (a+b);
}
// strenc indibr strenc
void say_hello() __attribute((__annotate__(("funwra bcf fla strenc indibr")))){
void say_hello() __attribute((__annotate__(("funwra indibr")))){
printf("Hello~\n");
}

Expand Down
12 changes: 6 additions & 6 deletions Obfuscation/src/BogusControlFlow.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -195,12 +195,12 @@ PreservedAnalyses BogusControlFlowPass::run(Function& F, FunctionAnalysisManager
}
// If fla annotations
if (toObfuscate(flag, &F, "bcf")){
outs() << "\033[44;37m============BogusControlFlow Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
bogus(F); //
doF(*F.getParent()); //
outs() << "\033[44;37m============BogusControlFlow Finish============\033[0m\n";
return PreservedAnalyses::none();
outs() << "\033[1;34m============BogusControlFlow Start============\033[0m\n";
outs() << "\033\033[1;32mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
bogus(F); //
doF(*F.getParent()); //
outs() << "\033[1;34m============BogusControlFlow Finish============\033[0m\n";
return PreservedAnalyses::none();
}
return PreservedAnalyses::all();
}
Expand Down
12 changes: 6 additions & 6 deletions Obfuscation/src/Flattening.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,24 +14,24 @@ PreservedAnalyses FlatteningPass::run(Function& F, FunctionAnalysisManager& AM)
Function *tmp = &F; // 传入的Function
// 判断是否需要开启控制流平坦化
if (toObfuscate(flag, tmp, "fla")) {
outs() << "\033[44;37m============Flattening Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
outs() << "\033[1;34m============Flattening Start============\033[0m\n";
outs() << "\033[1;32mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
INIT_CONTEXT(F);
// 不再自动进行基本块分割
// SplitBasicBlockPass *pass = createSplitBasicBlock(flag); // 在控制流平坦化之前先进行基本块分割 以提高混淆程度
// pass->run(F, AM);
flatten(*tmp);
++Flattened;
outs() << "\033[44;37m============Flattening Finish============\033[0m\n";
outs() << "\033[1;34m============Flattening Finish============\033[0m\n";
}
return PreservedAnalyses::none();
}

void FlatteningPass::flatten(Function &F){
outs() << "\033[42;35mFunction size : " << F.size() << "\033[0m\n";
outs() << "\033[1;32mFunction size : " << F.size() << "\033[0m\n";
// 基本块数量不超过1则无需平坦化
if(F.size() <= 1){
outs() << "\033[43;33mFunction size is lower then one\033[0m\n"; // warning
outs() << "\033[0;33mFunction size is lower then one\033[0m\n"; // warning
return;
}

Expand All @@ -43,7 +43,7 @@ void FlatteningPass::flatten(Function &F){
// Lower switch
FunctionPass *lower = createLegacyLowerSwitchPass();
lower->runOnFunction(F);
outs() << "\033[42;35mLower switch had open\033[0m\n";
outs() << "\033[1;32mLower switch had open\033[0m\n";

// 将除入口块(第一个基本块)以外的基本块保存到一个 vector 容器中,便于后续处理
// 首先保存所有基本块
Expand Down
8 changes: 4 additions & 4 deletions Obfuscation/src/FunctionWrapper.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ PreservedAnalyses FunctionWrapperPass::run(Module &M, ModuleAnalysisManager& AM)
for (Module::iterator iter = M.begin(); iter != M.end(); iter++) {
Function &F = *iter; // 迭代每个函数
if (toObfuscate(flag, &F, "funwra")) {
outs() << "\033[44;37m============FunctionWrapper Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
outs() << "\033[1;34m============FunctionWrapper Start============\033[0m\n";
outs() << "\033[1;32mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
for (inst_iterator fi = inst_begin(&F); fi != inst_end(&F); fi++) {
Instruction *Inst = &*fi;
if (isa<CallInst>(Inst) || isa<InvokeInst>(Inst)) {
Expand All @@ -33,7 +33,7 @@ PreservedAnalyses FunctionWrapperPass::run(Module &M, ModuleAnalysisManager& AM)
}
}
}
outs() << "\033[44;37m============FunctionWrapper Finish============\033[0m\n";
outs() << "\033[1;34m============FunctionWrapper Finish============\033[0m\n";
}
}
for (CallSite *CS : callsites) {
Expand Down Expand Up @@ -69,7 +69,7 @@ CallSite* FunctionWrapperPass::HandleCallSite(CallSite *CS) {
types.push_back(CS->getArgOperand(i)->getType());
}
FunctionType *ft = FunctionType::get(CS->getType(), ArrayRef<Type *>(types), false);
Function *func = Function::Create(ft, GlobalValue::LinkageTypes::InternalLinkage, "HikariFunctionWrapper", CS->getParent()->getModule());
Function *func = Function::Create(ft, GlobalValue::LinkageTypes::InternalLinkage, "O0ooOO0o0OO0oO", CS->getParent()->getModule()); // 移除Hikari特征
appendToCompilerUsed(*func->getParent(), {func});
// FIXME: Correctly Steal Function Attributes
// func->addFnAttr(Attribute::AttrKind::OptimizeNone);
Expand Down
8 changes: 4 additions & 4 deletions Obfuscation/src/IndirectBranch.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,10 @@ PreservedAnalyses IndirectBranchPass::run(Module &M, ModuleAnalysisManager& AM)
}
for (Function *F : funcs) {
if (toObfuscate(flag, F, "indibr")) {
outs() << "\033[44;37m============IndirectBranch Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F->getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
outs() << "\033[1;34m============IndirectBranch Start============\033[0m\n";
outs() << "\033[1;32mFunction : " << F->getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
HandleFunction(*F);
outs() << "\033[44;37m============IndirectBranch Finish============\033[0m\n";
outs() << "\033[1;34m============IndirectBranch Finish============\033[0m\n";
}
}
return PreservedAnalyses::all();
Expand Down Expand Up @@ -66,7 +66,7 @@ bool IndirectBranchPass::HandleFunction(Function &Func){
if (BI->isConditional() || indexmap.find(BI->getSuccessor(0)) == indexmap.end()) {
// Create a new GV
Constant *BlockAddressArray = ConstantArray::get(AT, ArrayRef<Constant *>(BlockAddresses));
LoadFrom = new GlobalVariable(*Func.getParent(), AT, false, GlobalValue::LinkageTypes::PrivateLinkage, BlockAddressArray, "HikariConditionalLocalIndirectBranchingTable");
LoadFrom = new GlobalVariable(*Func.getParent(), AT, false, GlobalValue::LinkageTypes::PrivateLinkage, BlockAddressArray, "Oo0ooO0o00OConditionalLocalIndirectBranchingTable"); // 移除Hikari特征
appendToCompilerUsed(*Func.getParent(), {LoadFrom});
} else {
LoadFrom = Func.getParent()->getGlobalVariable("IndirectBranchingGlobalTable", true);
Expand Down
4 changes: 2 additions & 2 deletions Obfuscation/src/PMRegistration.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ llvm::PassPluginLibraryInfo getSsagePluginInfo() {
return {
LLVM_PLUGIN_API_VERSION, "Ssage", LLVM_VERSION_STRING,
[](PassBuilder &PB) {
outs() << "Version is " << 14 << "\n";
outs() << "Version is " << 16 << "\n";
// for opt
PB.registerPipelineParsingCallback(
[&](StringRef Name, FunctionPassManager &FPM,
Expand Down Expand Up @@ -66,7 +66,7 @@ llvm::PassPluginLibraryInfo getSsagePluginInfo() {
FPM.addPass(FlatteningPass(false)); // 对于控制流平坦化 不提前开启LowerSwitch 只在控制流平坦化内调用LegacyLowerSwitch
MPM.addPass(createModuleToFunctionPassAdaptor(std::move(FPM)));
});
// 这里的注册时机不好 启用以下方案 改用上面的方案
// 这里的注册时机不好 弃用以下方案 改用上面的方案
// 自动注册 需要添加 -O1 参数 然则可能部分pass不生效
// PB.registerVectorizerStartEPCallback(
// [](llvm::FunctionPassManager &FPM, // 函数Pass 作用于某个函数内
Expand Down
18 changes: 9 additions & 9 deletions Obfuscation/src/SplitBasicBlock.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,11 +38,11 @@ static cl::opt<int> SplitNum("split_num", cl::init(3), cl::desc("Split <split_nu
PreservedAnalyses SplitBasicBlockPass::run(Function& F, FunctionAnalysisManager& AM) {
Function *tmp = &F; // 传入的Function
if (toObfuscate(flag, tmp, "split")){ // 判断什么函数需要开启混淆
outs() << "\033[44;37m============SplitBasicBlock Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
outs() << "\033[1;34m============SplitBasicBlock Start============\033[0m\n";
outs() << "\033[1;32mFunction : " << F.getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
split(tmp); // 分割流程
++Split; // 计次
outs() << "\033[44;37m============SplitBasicBlock Finish============\033[0m\n";
outs() << "\033[1;34m============SplitBasicBlock Finish============\033[0m\n";
}
return PreservedAnalyses::none();
}
Expand All @@ -61,22 +61,22 @@ void SplitBasicBlockPass::split(Function *f){
// 遍历函数的全部基本块
for (std::vector<BasicBlock *>::iterator I = origBB.begin(), IE = origBB.end();I != IE; ++I){
BasicBlock *curr = *I;
outs() << "\033[42;35mSplitNum : " << SplitNum << "\033[0m\n";
outs() << "\033[42;35mBasicBlock Size : " << curr->size() << "\033[0m\n";
outs() << "\033[1;32mSplitNum : " << SplitNum << "\033[0m\n";
outs() << "\033[1;32mBasicBlock Size : " << curr->size() << "\033[0m\n";
int splitN = SplitNum;
// 无需分割只有一条指令的基本块
// 不可分割含有PHI指令基本块
if (curr->size() < 2 || containsPHI(curr)){
outs() << "\033[43;33mThis BasicBlock is lower then two or had PIH Instruction!\033[0m\n";
outs() << "\033[0;33mThis BasicBlock is lower then two or had PIH Instruction!\033[0m\n";
continue;
}
// 检查splitN和基本块大小 如果传入的分割块数甚至大于等于基本块自身大小 则修改分割数为基本块大小减一
if ((size_t)splitN >= curr->size()){
outs() << "\033[43;33mSplitNum is bigger then currBasicBlock's size\033[0m\n"; // warning
outs() << "\033[43;33mSo SplitNum Now is BasicBlock's size -1 : " << (curr->size() - 1) << "\033[0m\n";
outs() << "\033[0;33mSplitNum is bigger then currBasicBlock's size\033[0m\n"; // warning
outs() << "\033[0;33mSo SplitNum Now is BasicBlock's size -1 : " << (curr->size() - 1) << "\033[0m\n";
splitN = curr->size() - 1;
} else {
outs() << "\033[42;35msplitNum Now is " << splitN << "\033[0m\n";
outs() << "\033[1;32msplitNum Now is " << splitN << "\033[0m\n";
}
// Generate splits point
std::vector<int> test;
Expand Down
6 changes: 3 additions & 3 deletions Obfuscation/src/StringEncryption.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,13 @@ PreservedAnalyses StringEncryptionPass::run(Module &M, ModuleAnalysisManager& AM
for (Module::iterator iter = M.begin(); iter != M.end(); iter++){
Function *F = &(*iter);
if (toObfuscate(flag, F, "strenc")){
outs() << "\033[44;37m============StringEncryption Start============\033[0m\n";
outs() << "\033[42;35mFunction : " << F->getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
outs() << "\033[1;34m============StringEncryption Start============\033[0m\n";
outs() << "\033[1;32mFunction : " << F->getName() << "\033[0m\n"; // 打印一下被混淆函数的symbol
Constant *S = ConstantInt::get(Type::getInt32Ty(M.getContext()), 0);
GlobalVariable *GV = new GlobalVariable(M, S->getType(), false, GlobalValue::LinkageTypes::PrivateLinkage, S, "");
encstatus[F] = GV;
HandleFunction(F);
outs() << "\033[44;37m============StringEncryption Finish============\033[0m\n";
outs() << "\033[1;34m============StringEncryption Finish============\033[0m\n";
}
}
return PreservedAnalyses::all();
Expand Down

0 comments on commit 935b76a

Please sign in to comment.