Reputation: 60371
In my spare time, I am doing some reverse engineering games with some friends of mine and I would like to know how to prevent as much as possible asm readability. I do not want to "prevent" reverse engineering (after all it will always be possible), I just want to prevent easy understanding of functions/variables by obfuscating them in the assembly code.
For example, if I have declared a function like this in C++:
void thisFunctionReverseAString(std::string& mystring);
I would like to be sure that it will not be possible to get the names thisFunctionReverseAString and mystring from the assembly. Is there any compilation option to do that in g++ or clang++?
Upvotes: 6
Views: 4817
Reputation: 5249
The accepted answer is not correct: function names, class names, and class methods (functions defined within a class) will be preserved and could be extracted from an executable by common tools like NSA's Ghidra.
Since class and function names usually bear meaningful mnemonics, they can definitely be a huge aid for those who try reverse engineering an app's logic. That's why stripping symbols is a good idea in this case, e.g. this is how the function list looks in Ghidra after the symbols were stripped:
The same can be observed for class names after the 'strip' command is applied to an executable. In the picture below you can see that only standard C++ classes are visible.
Note that ld's -s flag is obsolete on Mac and will do nothing, so you do need to use the 'strip' command explicitly after an executable is built; on Linux you can still use -s to strip symbols.
In general, Ghidra is a great tool that can be used to reverse engineer executables and to answer many questions like the OP's one.
Upvotes: 0
Reputation: 57688
Obfuscation will only help for the source code. The executable, with no debugging information, does not contain variable names or function names.
The process of reverse engineering would involve:
For example, take an executable in FORTRAN (or compiled BASIC) and reverse engineer into C++ source code.
As others have said, there are functions to remove symbols from the Debugging version of an executable. You could start at the beginning and build an executable without symbols, often called a Release version.
Upvotes: 5
Reputation: 27577
Use strip to remove symbols from your executables in Linux. On Windows, simply remove the pdb files.
Upvotes: 4
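The effect of strip discussed in the answers above, as an added example that is not part of the original thread: it builds the question's function without -g, then counts how often each identifier shows up in nm and strings output before and after strip. The helper names (leak_count, build_demo, report) and the file names are made up for this sketch, and it assumes Linux with GNU binutils and g++ or clang++ on PATH.

```shell
#!/bin/sh
# Added example (not from the original thread). Assumes Linux with GNU
# binutils (nm, strip, strings) and g++ or clang++ on PATH.

# leak_count FILE NAME: print how many nm/strings output lines contain NAME.
leak_count() {
    {
        nm "$1" 2>/dev/null || true      # static symbol table (.symtab)
        nm -D "$1" 2>/dev/null || true   # dynamic symbol table (.dynsym)
        strings -a "$1"                  # any other printable occurrence
    } | grep -c -- "$2" || true          # grep -c prints 0 but exits 1 on no match
}

# build_demo DIR: compile the question's function without -g into DIR/demo
# and write a stripped copy to DIR/demo.stripped.
build_demo() {
    cxx=$(command -v g++ || command -v clang++) || return 1
    cat > "$1/demo.cpp" <<'EOF'
#include <algorithm>
#include <string>
void thisFunctionReverseAString(std::string& mystring) {
    std::reverse(mystring.begin(), mystring.end());
}
int main() {
    std::string s = "abc";
    thisFunctionReverseAString(s);
    return s == "cba" ? 0 : 1;
}
EOF
    "$cxx" -O0 -o "$1/demo" "$1/demo.cpp" || return 1
    cp "$1/demo" "$1/demo.stripped" && strip "$1/demo.stripped"
}

# report: build in a temp dir and print the counts for both identifiers.
report() {
    dir=$(mktemp -d) || return 1
    build_demo "$dir" || { rm -rf "$dir"; return 1; }
    for f in demo demo.stripped; do
        for name in thisFunctionReverseAString mystring; do
            echo "$f: $name -> $(leak_count "$dir/$f" "$name") hit(s)"
        done
    done
    rm -rf "$dir"
}

if [ "${1:-}" = "demo" ]; then report; fi
```

Saved as a script and run with the argument demo, it prints the four counts; leak_count can also be pointed at a release binary in a build pipeline to fail the build when an internal name is still present.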