-
Notifications
You must be signed in to change notification settings - Fork 550
Usage
The following flags are supported
-
-enable-bcfobf
Enable Bogus Control Flow -
-enable-cffobf
Enable Control Flow Flattening -
-enable-splitobf
Enable Basic Block Spliting -
-enable-subobf
Enable Instruction Substitution -
-enable-acdobf
Enable AntiClassDump Mechanisms -
-enable-indibran
Enable Register-Based Indirect Branching -
-enable-strcry
Enable String Encryption -
-enable-funcwra
Enable Function Wrapper -
-enable-fco
Enable FunctionCallObfuscate. (See HERE for full usage)
And there is an extra -enable-allobf
that enables all the aforementioned obfuscations.
The flags are LLVM-level flags. Unless you are hacking LLVM itself, in which case I believe you already know all these, otherwise you are probably using the compiler frontend, In which case you should add a prefix (-mllvm
for Clang) to each option and add them to CFLAGS. For example enable everything and set the probability of BogusControlFlow to 100% would be adding -mllvm -enable-allbcf -mllvm -bcf_prob=100
to CFLAGS.
Flags marked with LTO should be passed at LTO stage, this is done though linker flags,which is something like -Wl,-mllvm,-enable-symobf
Turn off optimizer so compiler's aggressive optimization won't fuck up our obfuscation