Installation
You will find here some informations on how to get, build and use our project.
We maintain several branches: the one named llvm-4.0 is the latest official (i.e., non-dev) version and is based on the version 4.0.1 released by the LLVM team. Older branches are also available: llvm-3.3, llvm-3.4, llvm-3.5, llvm-3.6.1
At the moment, all our obfuscation transforms have been ported in all branches.
To get the latest version of the LLVM branch, you can use the following commands:
$ git clone -b llvm-4.0 https://github.com/obfuscator-llvm/obfuscator.git
$ mkdir build
$ cd build
$ cmake -DCMAKE_BUILD_TYPE=Release ../obfuscator/
$ make -j7
Older branches can be accordingly be cloned.
When the build is finished, you should have all the binaries in build/bin.
Note that this source tree contain LLVM and Clang.
The simplest way to use Obfuscator-LLVM, is to pass a flag to the LLVM backend from Clang. The current available flags are :
-
-flafor the control flow flattening pass -
-subfor the instruction substitution pass -
-bcffor the bogus control flow pass
For annotations, see Functions annotations.
Imagine that you have a code file named test.c and that you want to use the substitution pass; just call clang like that :
$ path_to_the/build/bin/clang test.c -o test -mllvm -sub
Of course, you can call more than one pass at a time (e.g flattening and substitutions) :
$ path_to_the/build/bin/clang test.c -o test -mllvm -sub -mllvm -fla
If you have a project using the 'autotools' and you want to compile it with obfuscation, you can do that :
$ CC=path_to_the/build/bin/clang
$ CFLAGS+="-mllvm -fla" or CXXFLAGS+="-mllvm -fla" (or any other obfuscation-related flags)
$ ./configure
$ make
If you have questions, don't hesitate to [contact](How to Contribute) us.
To use o-llvm within Xcode, you have to write a Xcode plugin.
This tutorial is based on this one. It was tested with Xcode 8.2.
$ cd /Applications/Xcode.app/Contents/PlugIns/Xcode3Core.ideplugin/Contents/SharedSupport/Developer/Library/Xcode/Plug-ins/
$ sudo cp -r Clang\ LLVM\ 1.0.xcplugin/ Obfuscator.xcplugin
$ cd Obfuscator.xcplugin/Contents/
$ sudo plutil -convert xml1 Info.plist
$ sudo vim Info.plist
Change:
<string>com.apple.compilers.clang</string> -> <string>com.apple.compilers.obfuscator</string>
<string>Clang LLVM 1.0 Compiler Xcode Plug-in</string> -> <string>Obfuscator Xcode Plug-in</string>
Then:
$ sudo plutil -convert binary1 Info.plist
$ cd Resources/
$ sudo mv Clang\ LLVM\ 1.0.xcspec Obfuscator.xcspec
$ sudo vim Obfuscator.xcspec
Change:
<key>Description</key>
<string>Apple LLVM 8.0 compiler</string> -> <string>Obfuscator 4.0 compiler</string>
<key>ExecPath</key>
<string>clang</string> -> <string>/path/to/obfuscator_bin/clang</string>
<key>Identifier</key>
<string>com.apple.compilers.llvm.clang.1_0</string> -> <string>com.apple.compilers.llvm.obfuscator.4_0</string>
<key>Name</key>
<string>Apple LLVM 8.0</string> -> <string>Obfuscator 4.0</string>
<key>Vendor</key>
<string>Apple</string> -> <string>HEIG-VD</string>
<key>Version</key>
<string>7.0</string> -> <string>4.0</string>
Then:
$ cd English.lproj/
$ sudo mv Apple\ LLVM\ 5.1.strings "Obfuscator 3.4.strings"
$ sudo plutil -convert xml1 Obfuscator\ 3.4.strings
$ sudo vim Obfuscator\ 3.4.strings
Change:
<key>Description</key>
<string>Apple LLVM 8.0 compiler</string> -> <string>Obfuscator 4.0 compiler</string>
<key>Name</key>
<string>Apple LLVM 8.0</string> -> <string>Obfuscator 4.0</string>
<key>Vendor</key>
<string>Apple</string> -> <string>HEIG-VD</string>
<key>Version</key>
<string>7.0</string> -> <string>4.0</string>
Then:
$ sudo plutil -convert binary1 Obfuscator\ 3.4.strings
Now, you can open Xcode and set the new compiler in your project settings:
And you can add your obfuscation flags to the CXXFLAGS or CFLAGS like that:
