search

Hnfull / Intensio-Obfuscator

Obfuscate a python code 2.x and 3.x
MIT License
624 stars 129 forks source link

Method of a Python Standard Library being obfuscated #41

Closed mcastillof closed 4 years ago

mcastillof commented 4 years ago

If there is a function with the same name of a method of a module from Standard Library, the method is being obfuscated. Better explained with a example.

Example file:

import time
def sleep(seconds):
    time.sleep(seconds)
sleep(10)

File generated with Intensio-Obfuscator and arguments -rts -v:

import time
def hIJMNIXyJUMLsJhKNxrITAabtKOzJWsbPsoRkBFdHhAIQZKsMucumMGaTFQBiKDv(seconds):
    time.hIJMNIXyJUMLsJhKNxrITAabtKOzJWsbPsoRkBFdHhAIQZKsMucumMGaTFQBiKDv(seconds)
hIJMNIXyJUMLsJhKNxrITAabtKOzJWsbPsoRkBFdHhAIQZKsMucumMGaTFQBiKDv(10)

The third line should have been:

    time.sleep(seconds)

The verbose output while generating the obfuscation:


********************* [ Analyze and setup environment ] **********************

[+] Running analyze input of 1 file(s)...

Analysis     |================================| 100%

[+] File input found :

-> /home/dodo/tmp/safeToDelete/nuevo1/main.py

[+] Analyze input argument '/home/dodo/tmp/safeToDelete/nuevo1' -> Successful
[!] Output '/home/dodo/tmp/safeToDelete/deploy1' already exists, do you want delete it ? (Y/N) : 
[+] Running analyze output of 1 file(s)...

Analysis     |================================| 100%

[+] Output files copy :

-> /home/dodo/tmp/safeToDelete/deploy1/main.py

[+] Analyze and setup output argument environment '/home/dodo/tmp/safeToDelete/deploy1' -> Successful

********************** [ Obfuscation delete comments ] ***********************

[+] Running delete comments in 1 file(s)...

Obfuscation  |================================| 100%

Check        |================================| 100%

-> 0 lines of comments deleted

[+] Obfuscation delete comments -> Successful

******************** [ Obfuscation delete line space(s) ] ********************

Obfuscation  |================================| 100%

Check        |================================| 100%

[+] Obfuscation delete lines spaces -> Successful

******************* [ Correction padding empty class(es) ] *******************

Correction   |================================| 100%

[!] No empty class found in /home/dodo/tmp/safeToDelete/deploy1

****************** [ Correction padding empty function(s) ] ******************

Correction   |================================| 100%

[!] No empty function found in /home/dodo/tmp/safeToDelete/deploy1

************ [ Obfuscation replace string(s) to string(s) mixed ] ************

[+] Running replacement of variables/classes/functions in 1 file(s), he can be long... you have time to make a coffee :)

Setting up   |================================| 100%

[+] Variable(s) found :

-> No result

[+] Class(es) found :

-> No result

[+] Function(s) found :

-> sleep : hIJMNIXyJUMLsJhKNxrITAabtKOzJWsbPsoRkBFdHhAIQZKsMucumMGaTFQBiKDv

[+] String excluded found in 'exclude/string_to_string_mixed/exclude_word_by_user.txt' that have been matched from '/home/dodo/tmp/safeToDelete/deploy1' :

-> No result

[+] String excluded found in 'exclude/string_to_string_mixed/exclude_word_do_not_modify.txt' that have been matched from '/home/dodo/tmp/safeToDelete/deploy1' :

-> No result

Obfuscation  |================================| 100%

Check        |================================| 100%

-> 1 variable(s)/class(es)/function(s) replaced in 1 file(s)

[+] Obfuscation replace string to string mixed -> Successful

****************** [ Obfuscation adding padding script(s) ] ******************

[!] Obfuscation [ padding script ] no asked !

******************** [ Obfuscation replace file(s) name ] ********************

[!] Obfuscation [ replace file name ] feature no asked !

****************** [ Obfuscation replace string(s) to hex ] ******************

[!] Obfuscation [ replace string to hex ] feature no asked !

********************* [ Correction delete .pyc file(s) ] *********************

[!] No .pyc file(s) found in /home/dodo/tmp/safeToDelete/deploy1
Hnfull commented 4 years ago

Hi,

In this case, I recommend manually excluding the variables / functions / classes identical to the name of a method belonging to an external external library in this file -> https://github.com/Hnfull/Intensio-Obfuscator/blob/master/intensio/exclude/string_to_string_mixed/exclude_word_by_user.txt.

I explain this recommendation here -> https://github.com/Hnfull/Intensio-Obfuscator/blob/master/docs/recommendations/python_code_recommendations.md.

I also created a default exclusion list -> https://github.com/Hnfull/Intensio-Obfuscator/blob/master/intensio/exclude/string_to_string_mixed/exclude_word_do_not_modify.txt.

I created the same issue to add this functionality https://github.com/Hnfull/Intensio-Obfuscator/issues/32.

The intensio-obfuscator tool requires the configuration and the adaptation of the code to obfuscate in a loop, sometimes requiring a lot of time unfortunately.

Thank you for your return and analyse @mcastillof .

mcastillof commented 4 years ago

I will definitely use again your software to obfuscate other codes. Next time, hopefully with more time, I will for sure read the docs.

Hnfull commented 4 years ago

I am available to help you if you need :) I close this issue to avoid duplication with https://github.com/Hnfull/Intensio-Obfuscator/issues/32