This repository was archived by the owner on Jan 25, 2024. It is now read-only.
This repository was archived by the owner on Jan 25, 2024. It is now read-only.
Split antidebug/antitracing techniques from the code-complexity-and-obfuscation document #10
Description
Explain various obfuscations in detail:
- obfuscate code (antidisasm tricks)
- obfuscate data (strings, files)
- obfuscate metadata (objc, symbols)
Expose the decompilation information on every language (java, js, objc, swift, C, ..)
- swift is not as introspectable as objc
Anti-debug techniques
- restricting debuggers or making debugging complicate have nothing to do with code complexity or obfuscation
- explain how to use the PT_DENY_ATTACH and android:debuggable=false with code
Control flow validation
- flow integrity - verify the workflow is the expected on every function (where do i come from?)
- white box security
- I dont think compiler optimizations should be listed as a way to protect code logic
Anti-RE techniques:
- renaming symbols with wrong or invalid names
- depending on the compiler the final binary can have more than one symbol table
- always verify the resulting binary with strings | grep... (at least)
- i dont think the DRM applied by FairPlay can be in any way a security measure to care because there are several tools (appcake, clutch, r2, dumpdecrypted, ...) to automate this cracking into a single press-enter