search

es3n1n / obfuscator

PE bin2bin obfuscator
https://blog.es3n1n.eu/posts/obfuscator-pt-1
GNU General Public License v3.0
575 stars 55 forks source link

Does nothing #18

Open FirowMD opened 4 months ago

FirowMD commented 4 months ago

Command I've used to perform:

"C:\Users\geork\Documents\Github\obfuscator\build\src\RelWithDebInfo\obfuscator.exe" C:\Users\geork\Documents\Github\obfox\test_app\AppKey\x64\Debug\AppKey.exe -pdb C:\Users\geork\Documents\Github\obfox\test_app\AppKey\x64\Debug\AppKey.pdb -f main -t ConstantCrypt -t BogusControlFlow -t DecompBreak -t Substitution -v SomeValue0 133

AppKey source code:

#include <stdio.h>
#include <string.h>

#define PASS "key01234"
#define BUFF_SIZE 0xFF

int main(void) {
    printf("Enter key: ");
    char key[BUFF_SIZE];

    fgets(key, BUFF_SIZE, stdin);
    key[sizeof(PASS) - 1] = '\0';

    if (strcmp(key, PASS) == 0) {
        printf("Correct key!\n");
    } else {
        printf("Incorrect key!\n");
    }

    getchar();
    return 0;
}

I've tried both Release and Release with debug info versions of obfuscator. Both do nothing, guess it because of exception:

image

Console output:

image

If I remove all of the transforms I want to apply to program and leave only, for example, ConstantCrypt still doesn't work.

es3n1n commented 4 months ago

Hello, I am not too sure what you exactly meant. Can you be more precise? The screenshot from x64dbg you attached: were you attached to the protected binary or the obfuscator itself? The second screenshot: after this state it just crashes? Also please upload the binary+pdb that you were trying to process.

FirowMD commented 4 months ago

Hello, I am not too sure what you exactly meant. Can you be more precise? The screenshot from x64dbg you attached: were you attached to the protected binary or the obfuscator itself? The second screenshot: after this state it just crashes? Also please upload the binary+pdb that you were trying to process.

I mean when I run obfuscator it doesn't do something with my own binary AppKey. You see at screenshot that I've attached x64dbg to obfuscator and it shows call stack when exception was raised. The second screenshot - yes. After this, obfuscator just closes, nothing more will appear.

AppKey, which I've tried to obfuscate: https://mega.nz/file/GqoS0YRK#HKAAdkZTkrN2eTSm-sqwpWmMsze4M_Okk-Ih8gRaZhI

es3n1n commented 4 months ago

I mean when I run obfuscator it doesn't do something with my own binary AppKey. You see at screenshot that I've attached x64dbg to obfuscator and it shows call stack when exception was raised. The second screenshot - yes. After this, obfuscator just closes, nothing more will appear.

AppKey, which I've tried to obfuscate: https://mega.nz/file/GqoS0YRK#HKAAdkZTkrN2eTSm-sqwpWmMsze4M_Okk-Ih8gRaZhI

Thank you! I will take a look at it as soon as I can, however there's no ETA.

es3n1n commented 4 months ago

in the meanwhile, @FirowMD can you please confirm that this issue remains unsolved on the dev branch?

FirowMD commented 4 months ago

in the meanwhile, @FirowMD can you please confirm that this issue remains unsolved on the dev branch?

Same

image

FirowMD commented 4 months ago

Launched via Visual Studio 2022 Debug version:

image

es3n1n commented 4 months ago

Alright, thank you.