Skip to content

Commit

Permalink
Merge pull request #60 from bluesadi/llvm-14.0.6
Browse files Browse the repository at this point in the history 
Refactor this project and migrate to LLVM 14.0.6 (with NewPassManager)
  • Loading branch information
@bluesadi
bluesadi authored Jan 4, 2024
2 parents 0e4fe5f + a70030e commit 3d501ef
Show file tree
Hide file tree
Showing 34,797 changed files with 5,171,770 additions and 2,240,172 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
46 changes: 37 additions & 9 deletions .github/workflows/c-cpp.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,48 @@ name: C/C++ CI

on:
push:
branches: [ "llvm-14.0.6" ]
branches: [ "llvm-14.0.6", "main" ]
pull_request:
branches: [ "llvm-14.0.6" ]
branches: [ "llvm-14.0.6", "main" ]

jobs:
build:
Ubuntu:

runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- name: make build
run: make build
- name: make install
run: make install
- name: make tests
run: make tests
- name: Install ninja-build
run: sudo apt install ninja-build -y
- name: Install z3
run: sudo apt install libz3-dev -y
- name: Install lld
run: sudo apt install lld -y
- name: git submodule update --init
run: git submodule update --init
- name: ./build.sh
run: ./build.sh
- name: Test tiny-aes
run: ./tests/test-aes.sh
- name: Test jsoncpp
run: ./tests/test-jsoncpp.sh
- name: Test json
run: ./tests/test-json.sh
- name: Test openssl
run: ./tests/test-openssl.sh
# Windows:

# runs-on: windows-latest

# steps:
# - uses: actions/checkout@v3
# - name: sudo apt install ninja-build -y
# run: sudo apt install ninja-build -y
# - name: git submodule update --init --recursive
# run: git submodule update --init --recursive
# - name: make build
# run: make build
# - name: make install
# run: make install
# - name: make check
# run: make check
10 changes: 3 additions & 7 deletions .gitignore
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
build/
debug/
install/
.vscode
debug.sh
test/aes/TestProgram.out
*.o.tmp
build
install
.vscode
12 changes: 12 additions & 0 deletions .gitmodules
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
[submodule "tests/tiny-AES-c"]
path = tests/tiny-AES-c
url = https://github.com/kokke/tiny-AES-c.git
[submodule "tests/openssl"]
path = tests/openssl
url = https://github.com/openssl/openssl.git
[submodule "tests/jsoncpp"]
path = tests/jsoncpp
url = https://github.com/open-source-parsers/jsoncpp.git
[submodule "tests/json"]
path = tests/json
url = https://github.com/nlohmann/json.git
7 changes: 7 additions & 0 deletions CMakeLists.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
cmake_minimum_required(VERSION 3.20)
project(Pluto)

set(LLVM_ENABLE_PROJECTS "clang;lld" CACHE STRING "")
set(LLVM_TARGETS_TO_BUILD "X86" CACHE STRING "")
set(LLVM_INCLUDE_BENCHMARKS OFF CACHE BOOL "")
add_subdirectory(llvm)
21 changes: 0 additions & 21 deletions LICENSE
View file

This file was deleted.

126 changes: 18 additions & 108 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,119 +1,29 @@
# Pluto-Obfuscator
Pluto-Obfuscator is a code obfuscator based on LLVM 12.0.1 and its LLVM Pass framework. Briefly speaking, Pluto-Obfuscator converts the source code into a functionally equivalent but much less understandable version at compile-time, protecting your software from reverse engineering.
> The documentation of Pluto-Obfuscator is still lacking. I will work on it when I am available.
# Pluto
[English](README.md) | [中文](README_zh-cn.md)

## Features
Pluto-Obfuscator implements multiple algorithms for obfuscation. The first three bold ones are the most recommended as they are relatively stabler and more effective compared to the other:

| Name | Identifier | Documentation | Authors |
| ---- | ---- | ---- | ---- |
| **Control Flow Flattening Enhanced** | fla-ex | - English Documentation<br>- [Chinese Blog](https://bbs.pediy.com/thread-274778.htm) | [@za233](https://github.com/za233) |
| **Globals Encryption** | gle | English Documentation | [@34r7hm4n](https://github.com/bluesadi) |
| **MBA Obfuscation** | mba | - English Documentation<br>- [Chinese Blog](https://bbs.pediy.com/thread-271574.htm) | [@34r7hm4n](https://github.com/bluesadi) |
| Control Flow Flattening| fla | [Ref: obfuscator-llvm/obfuscator](https://github.com/obfuscator-llvm/obfuscator/wiki/Control-Flow-Flattening) | [@34r7hm4n](https://github.com/bluesadi) |
| Bogus Control Flow | bcf | [Ref: obfuscator-llvm/obfuscator](https://github.com/obfuscator-llvm/obfuscator/wiki/Bogus-Control-Flow) | [@34r7hm4n](https://github.com/bluesadi) |
| Instruction Substitution | sub | [Ref: obfuscator-llvm/obfuscator](https://github.com/obfuscator-llvm/obfuscator/wiki/) | [@34r7hm4n](https://github.com/bluesadi) |
| Random Control Flow | rcf | English Documentation | [@34r7hm4n](https://github.com/bluesadi) |
| Variable Substitution | vsb | English Documentation | [@34r7hm4n](https://github.com/bluesadi) |
| Trap Angr | trap-angr | [English Documentation](docs/TrapAngr.md) | [@34r7hm4n](https://github.com/bluesadi) |

Issues and pull requests about the most recommended three algorithms will be handled with priority.
Pluto is a code obfuscator built on top of LLVM 14.0.6 (more in the future...). In summary, Pluto converts the source code into a functionally equivalent but much more complicated form at compile-time, protecting your software from being cracked.

## Installation
The first step is always to clone this repository:
Download source code:
```
$ git clone https://github.com/bluesadi/Pluto-Obfuscator.git
$ cd Pluto-Obfuscator
$ git clone https://github.com/bluesadi/Pluto.git
```

No matter which OS you are using, make sure you include all the following commands in the PATH environment variable:
### Ubuntu
Install z3 (required by MBAObfuscation):
```
gcc g++ cmake ninja
$ sudo apt install libz3-dev
```

If you are using Ubuntu, you may install all the required packages by:
```shell
$ sudo apt install gcc g++ cmake ninja-build
(Optional) Install lld:
```

The final step is to execute `./build.sh`, which is a shell script that automatically compiles this project and install it in the [/install](/install) directory. Such script for MacOS are also available at [build_macos.sh](build_macos.sh). As of Windows, you may execute `./build.sh` on Git Bash (you must have installed it if you get this project by `git clone`).

By default the script utilizes all CPU cores of your machine to compile as fast as possible. If you don't want the compilation occupies all the CPU cores, making your computer laggy, you may specify the maximum cores you want to allocate. Let's say your computer has 16 CPU cores, you can use `./build.sh 12` to tell the script only to use 8 cores for compilation.

**TROUBLE SHOOTING:** LLVM is a rather large project, so please allocate enough memory (at least 8GB) for your virtual machine or WSL during compilation, otherwise you will probably encounter an error message `g++: fatal error: Killed signal terminated program cc1plus` caused by insufficient memory.

## Usage

Now all compiled binaries reside in `/install/bin` directory including `clang` and `clang++` with obfuscation functionalities. You can enable specific obfuscation algorithms by commands in the following format:

```shell
$ ./install/bin/clang[++] [-mllvm -<identifier/options>] [...] <source files> [-o <output file>]
// This is an optional depencency to speed up the linking stage when building LLVM.
// If you don't want to install this dependency, remove the line `set(LLVM_ENABLE_LLD ON)` in CMakeLists.txt
$ sudo apt install lld
```

For example, say you want to have a try at the most recommended combination (I would like to call it FullProtection), you may execute:
```shell
$ ./install/bin/clang++ -mllvm -mba -mllvm -mba-prob=50 -mllvm -fla-ex -mllvm -gle test/aes/aes.cpp test/aes/test.cpp -o test/aes/test
$ ./test/aes/test flag{s1mpl3_11vm_d3m0}
Welcome to LLVM world...
Your flag is: flag{s1mpl3_11vm_d3m0}
Congratulations~
Install Ninja and other dependencies:
```

<!-- ### Filter Mode
In case you just want to obfuscate specific functions, Pluto-Obfuscator also provides a filter mechanism using annotation, to help you specify which functions should or should not be obfuscated.
To enable this mechanism, you should pass `-mllvm -filter-mode=include` or `-mllvm -filter-mode=exclude` to clang as an argument.
- `-filter-mode=include`: only those functions with "include" annotation will be obfuscated.
- `-filter-mode=exclude`: ignore those functions with "exclude" annotation.
- `-filter-mode=none`: all functions will be processed. (by defualt)
For example:
```shell
clang++ TestFilter.cpp -mllvm -fla -mllvm -filter-mode=include -o TestFilter_include # include mode
clang++ TestFilter.cpp -mllvm -fla -mllvm -filter-mode=exclude -o TestFilter_include # exclude mode
clang++ TestFilter.cpp -mllvm -fla -mllvm -o TestFilter_include # default mode
$ sudo apt install ninja-build cmake python3 gcc g++
```
Following is a self-explanatory snippet showing how to annonate functions. In this case, only foo1 will be obfuscated in `include` mode. Only foo2 will be ignored in `exclude` mode. And foo3 will always be obfuscated:
```cpp
#define FUNC_INCLUDE __attribute__((annotate("include")))
#define FUNC_EXCLUDE __attribute__((annotate("exclude")))
FUNC_INCLUDE
void foo1(){ }
FUNC_EXCLUDE
void foo2(){ }
void foo3(){ }
int main(){
foo1();
foo2();
foo3();
}
``` -->

## Testing
**IMPORTANT:** I would really appreciate you would like to contribute to Pluto-Obfuscator by creating pull requests. Please test your modified code on the test cases as follows.

### Quick Test on AES
Usage: `./fast-check.sh [identifiers/options]` (e.g., `./fast-check.sh mba mba-prob=50 fla-ex gle`).

See [fast-check.sh](fast-check.sh) and [test/aes](test/aes/).

### Test on libsecp256k1
Usage: `./check.sh [identifiers/options]` (e.g., `./check.sh mba mba-prob=50 fla-ex gle`)

Generally, it will cost several minutes to be done, much slower compared to the AES test.

Passed Parameters:
- Flattening: `fla`
- FlatteningEnhanced: `fla-ex`
- Substitution: `sub`
- GlobalsEncryption: `gle`
- MBAObfuscation: `mba mba-prob=100`
- FullProtection: `mba mba-prob=50 fla-ex gle`

See [check.sh](check.sh) and [test/secp256k1](test/secp256k1/).
Build and install Pluto to `./install` directory:
```
$ ./build.sh
```
34 changes: 6 additions & 28 deletions build.sh
View file
Original file line number Diff line number Diff line change
@@ -1,29 +1,7 @@
processors=$1
if [ -z $processors ]; then
processors=$(nproc)
fi

mkdir -p build
cd build

if [ "$(uname)" == "Darwin" ]; then
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++ \
-DCMAKE_BUILD_TYPE=Release \
-DDEFAULT_SYSROOT=$(xcrun --show-sdk-path) \
-DCMAKE_OSX_SYSROOT=/Library/Developer/CommandLineTools/SDKs/MacOSX$(xcrun --show-sdk-version).sdk \
-DCMAKE_OSX_ARCHITECTURES="arm64;x86_64" \
-DCMAKE_INSTALL_PREFIX="../install" \
../llvm
else
cmake -G "Ninja" -DLLVM_ENABLE_PROJECTS="clang" \
-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++ \
-DCMAKE_BUILD_TYPE=Release -DLLVM_TARGETS_TO_BUILD="X86" \
-DBUILD_SHARED_LIBS=On -DCMAKE_INSTALL_PREFIX="../install" ../llvm
fi

echo "-- Building on $(uname)"
echo "-- Building with $processors CPU cores"

ninja -j$processors
ninja install
cmake -G Ninja -S . -B build \
-DCMAKE_C_COMPILER="gcc" \
-DCMAKE_CXX_COMPILER="g++" \
-DCMAKE_INSTALL_PREFIX="install" \
-DCMAKE_BUILD_TYPE=Release
ninja -j`nproc` -C build install
17 changes: 0 additions & 17 deletions check.sh
View file

This file was deleted.

23 changes: 2 additions & 21 deletions clang/.clang-tidy
View file
Original file line number Diff line number Diff line change
@@ -1,24 +1,5 @@
Checks: '-*,clang-diagnostic-*,llvm-*,misc-*,-misc-unused-parameters,-misc-non-private-member-variables-in-classes,-readability-identifier-naming'
# Note that the readability-identifier-naming check is disabled, there are too
# many violations in the codebase and they create too much noise in clang-tidy
# results.
# Naming settings are kept for documentation purposes and allowing to run the
# check if the users would override this file, e.g. via a command-line arg.
CheckOptions:
- key: readability-identifier-naming.ClassCase
value: CamelCase
- key: readability-identifier-naming.EnumCase
value: CamelCase
- key: readability-identifier-naming.FunctionCase
value: camelBack
- key: readability-identifier-naming.MemberCase
value: CamelCase
- key: readability-identifier-naming.ParameterCase
value: CamelCase
- key: readability-identifier-naming.UnionCase
value: CamelCase
- key: readability-identifier-naming.VariableCase
value: CamelCase
- key: readability-identifier-naming.IgnoreMainLikeFunctions
value: 1

Checks: '-readability-identifier-naming'
InheritParentConfig: true
4 changes: 0 additions & 4 deletions clang/.gitignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,9 @@ cscope.out
#==============================================================================#
# Directories to ignore (do not add trailing '/'s, they skip symlinks).
#==============================================================================#
# Clang extra user tools, which is tracked independently (clang-tools-extra).
tools/extra
# Sphinx build products
docs/_build
docs/analyzer/_build
# debug info testsuite
test/debuginfo-tests

# VS2017 and VSCode config files.
.vscode
Expand Down
Loading

0 comments on commit 3d501ef

Please sign in to comment.