Skip to content
This repository has been archived by the owner on Sep 25, 2023. It is now read-only.

Usage

Jump to bottom
Zhang edited this page Apr 28, 2019 · 5 revisions

The following flags are supported

  • -enable-bcfobf Enable BogusControlFlow
  • -enable-cffobf Enable Flattening
  • -enable-splitobf Enable BasicBlockSpliting
  • -enable-subobf Enable Instruction Substitution
  • -enable-acdobf Enable AntiClassDump Mechanisms
  • -enable-indibran Enable Register-Based Indirect Branching
  • -enable-strcry Enable String Encryption
  • -enable-funcwra Enable Function Wrapper

And there is an extra -enable-allobf that enables all the aforementioned obfuscations.
The flags are LLVM-level flags. Unless you are hacking LLVM itself, in which case I believe you already know all these, otherwise you are probably using the compiler frontend, In which case you should add prefix -mllvm to each option and add them to CFLAGS. For example enable everything and set the probability of BogusControlFlow to 100% would be adding -mllvm -enable-allbcf -mllvm -bcf_prob=100 to CFLAGS.
Flags marked with LTO should be passed at LTO stage, this is done though linker flags,which is something like -Wl,-mllvm,-enable-symobf

Turn off optimizer so compiler's aggressive opimization won't fuck up our obfuscation

Summary

Clone this wiki locally