diff --git a/src/examples/python/synthesizing_obfuscated_expressions.py b/src/examples/python/synthesizing_obfuscated_expressions.py index dd86958b7..71d08d5bc 100755 --- a/src/examples/python/synthesizing_obfuscated_expressions.py +++ b/src/examples/python/synthesizing_obfuscated_expressions.py @@ -3,7 +3,7 @@ ## ## Example of synthesizing obfuscated expressions. ## -## $ time python3 ./synthesizing_obfuscated_expressions.py +## $ python3 ./synthesizing_obfuscated_expressions.py ## In: (((((SymVar_0 | SymVar_1) + SymVar_1) & 0xff) - ((~(SymVar_0) & 0xff) & SymVar_1)) & 0xff) ## Out: ((SymVar_0 + SymVar_1) & 0xff) ## @@ -31,7 +31,7 @@ ## In: ((((((~(((((((((((z & 0xff) << 0x8) & 0xffffffff) | ((z >> 0x8) & 0xff)) << 0x8) & 0xffffffff) | ((z ... ## Out: (((bswap(z, 32) ^ 0x23746fbe) + 0xfffffffd) & 0xffffffff) ## -## python3 ./synthesizing_obfuscated_expressions.py 0.12s user 0.01s system 99% cpu 0.125 total +## [...] ## import sys @@ -84,20 +84,34 @@ def main(): # Some obfuscated expressions obf_exprs = [ - (x | y) + y - (~x & y), # x + y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) - (x | y) - y + (~x & y), # x ^ y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) - (x & ~y) | (~x & y), # x ^ y (from ?) - (x ^ y) + y - (~x & y), # x | y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) - -(x | y) + y + x, # x & y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) - ((z << 8) >> 16) << 8, # z & 0xffff00 (from https://blog.regehr.org/archives/1636) - (((x ^ y) + 2 * (x & y)) * 39 + 23) * 151 + 111, # x + y (from Ninon Eyrolle's thesis) - x_xor_92_obfuscated(x), # x ^ 92 (from imassage) - bswap32_xor_const(z), # ((bswap(z, 32) ^ 0x23746fbe) + 0xfffffffd) (from UnityPlayer.dll) + (x | y) + y - (~x & y), # x + y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) + (x | y) - y + (~x & y), # x ^ y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) + (x & ~y) | (~x & y), # x ^ y (from ?) + (x ^ y) + y - (~x & y), # x | y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) + -(x | y) + y + x, # x & y (from http://archive.bar/pdfs/bar2020-preprint9.pdf) + ((z << 8) >> 16) << 8, # z & 0xffff00 (from https://blog.regehr.org/archives/1636) + (((x ^ y) + 2 * (x & y)) * 39 + 23) * 151 + 111, # x + y (from Ninon Eyrolle's thesis) + x_xor_92_obfuscated(x), # x ^ 92 (from iMassage) + bswap32_xor_const(z), # ((bswap(z, 32) ^ 0x23746fbe) + 0xfffffffd) (from UnityPlayer.dll) + (~(~(x) & ~(y)) & ~(~(~(x)) & ~(~(y)))), # x ^ y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) & ~(~(y))) + (~(~(x)) | ~(~(y)))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(y)) | ~(~(x))) + ~(~(x)) - (~(~(x)) & ~(~(~(y))))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) | ~(~(y))) + (~(~(~(x))) | ~(~(y))) - (~(~(~(x))))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) | ~(~(y))) + ~(~(y)) - (~(~(~(x))) & ~(~(y)))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + (~(~(y)) + (~(~(x)) & ~(~(~(y)))) + (~(~(x)) & ~(~(y)))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + (~(~(x) + y)), # x - y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + (~(((~(~(x)) | y) - (~(~(x)))))), # ~((x | y) - x) (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + (~((~(x) & ~(x)) + y) & ~((~(x) & ~(x)) + y)), # x - y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) | y) - (~(~(~(x))) & y) - (~(~(x)) & ~y)), # x & y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(~(x))) | y) - (~(~(~(x))))), # x & y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) & ~(y)) + y), # x | y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + (((~(~(x)) & ~(y)) & y) + ((~(~(x)) & ~(y)) | y)), # x | y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) + ((~(~(x)) & ~(~(y))) + (~(~(x)) | ~(~(y)))), # x + y (from VMProtect https://whereisr0da.github.io/blog/posts/2021-02-16-vmp-3/) ] for expr in obf_exprs: (print('In: %s' %(expr)) if len(str(expr)) < 100 else print('In: %s ...' %(str(expr)[0:100]))) - expr = ctx.synthesize(expr, constant=True, subexpr=True, opaque=False) + expr = ctx.synthesize(expr, constant=True, subexpr=True) print('Out: %s' %(expr)) print()