To get obfuscator select branch what version you want
Current version: release/14.x
Next version: main (llvm 15.0)
__attribute( ( __annotate__( ( "obfuscator options separated by space" ) ) ) )
clang -mllvm <obfuscator option 1> -mllvm <obfuscator option 2> -mllvm <obfuscator option N> ...
Just pass obfuscator options. E.g. opt -fla -sub ...
fla
- activates control flow flatteningsplit
- activates basic block splitting. Improve the flattening when applied togethersplit_num=3
- if the pass is activated, applies it 3 times on each basic block. Default: 1
sub
- activate instructions substitutionsub_loop=3
- if the pass is activated, applies it 3 times on a function. Default : 1
With this obfuscation may break exception handling!
bcf
- activates the bogus control flow passbcf_loop=3
- if the pass is activated, applies it 3 times on a function. Default: 1bcf_prob=40
- if the pass is activated, a basic bloc will be obfuscated with a probability of 40%. Default: 30
Very simple xor (for llvm15 cesar+xor) string obfuscation. Applied only via command line
sobf
- activate string obfuscator pass
E.g. for Android NDK 24 you must use release/14.x:
git clone -b release/14.x https://github.com/sr-tream/obfuscator
cd obfuscator
git submodule update --init llvm-project
cd llvm-project
git apply ../obfuscator.patch
cmake -DCMAKE_BUILD_TYPE=Release -DLLVM_ENABLE_PROJECTS="clang;lld" -DLLVM_ENABLE_LLD=ON -DLLVM_STATIC_LINK_CXX_STDLIB=ON -S llvm -B build
cmake --build build --parallel
Also you can use CMake variable LLVM_TARGETS_TO_BUILD
to build only for required platforms, e.g. -DLLVM_TARGETS_TO_BUILD="ARM"
to build only for armv7
cmake --install build --prefix ${ANDROID_NDK}/toolchains/llvm/prebuilt/linux-x86_64/
Here ${ANDROID_NDK}
is path to folder with android-ndk
cp -r ${ANDROID_NDK}/toolchains/llvm/prebuilt/linux-x86_64/lib64/clang/${ANDLLVM}/lib ${ANDROID_NDK}/toolchains/llvm/prebuilt/linux-x86_64/lib/clang/${OLLVM}
Here:
${ANDROID_NDK}
- path to folder with android-ndk${ANDLLVM}
- version of LLVM bundled with android-ndk${OLLVM}
- version of installed LLVM with obfuscation support (selected on paragraph 1)
Also, you can look Wiki of original project
Original project use patched copy of LLVM.
This repo use submodule with LLVM and patch for obfuscation support.
Original project doesn't support options split_num
, sub_loop
, bcf_loop
and bcf_prob
for use in function annotations. This fork support it.