Obfuscate'ing a.out ???

This is a discussion on Obfuscate'ing a.out ??? within the C Programming forums, part of the General Programming Boards category; Hi all, Am a C newbie ... mainly wanting to use it for the meantime to execute my UNIX scripts ...

  1. #1
    Registered User
    Join Date
    May 2010
    Posts
    2

    Obfuscate'ing a.out ???

    Hi all,

    Am a C newbie ... mainly wanting to use it for the meantime to execute my UNIX scripts via the system command ... :-)

    Eventually, I will want to do more C programming if I can ...

    Anyway, I just want to know if it is possible to further obfuscate the a.out

    Presently, I have a very simple .c file as below:

    Code:
    #include<stdio.h>
    
    main()
    {
       printf("Hello World !!! \n");
       system("x1.pl");
       system("pwd");
    }
    I compile it as cc x.c which produces the default a.out output. If I run strings a.out it shows the following:

    Code:
    /lib64/ld-linux-x86-64.so.2
    _Jv_RegisterClasses
    __gmon_start__
    libc.so.6
    printf
    system
    __libc_start_main
    GLIBC_2.2.5
    Hello World !!!
    x1.pl
    Is it possible to hide or at least "scramble" it so that the strings command will show gibberish? Any advise will be very much appreciated. FYI, OS is Linux and Solaris.

    Thanks in advance.

  2. #2
    Registered User
    Join Date
    Oct 2008
    Posts
    1,262
    You could make a simple function that decodes a string, then encode the strings so that they are decoded properly into their originals, and then use the decoded versions. Fairly easy with only a small amount of knowledge on C.

    Though it's still fairly easy to circumvent.

  3. #3
    Registered User
    Join Date
    Oct 2008
    Location
    TX
    Posts
    2,047
    You'll need to encrypt the a.out file.

  4. #4
    and the hat of sweating
    Join Date
    Aug 2007
    Location
    Toronto, ON
    Posts
    3,545
    Add 128 to each character in your "Hello World" string?
    Unless you've got someone with nothing better to do with their time, they'll just see garbage and forget about it.
    "I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008

    "the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010

  5. #5
    Registered User
    Join Date
    May 2010
    Posts
    2
    Quote Originally Posted by itCbitC View Post
    You'll need to encrypt the a.out file.
    Hi,

    I believe this is what I wanted, i.e. just to encrypt the a.out file.

    I tried it out using gpg but unfortunately, it is asking for a pass phrase when I run it. is there any way to encrypt it where a pass phrase is not required.

    FYI, when I strings a.out, it shows something like below:


    Code:
    [oracle scripts]$ strings a.out
    /lib64/ld-linux-x86-64.so.2
    _Jv_RegisterClasses
    __gmon_start__
    libc.so.6
    system
    __libc_start_main
    GLIBC_2.2.5
    sqlplus system/oracle@test
    This is from the C source that simply contains:

    Code:
    #include<stdio.h>
    
    main()
    {
       /* system("monitor_standby_physical.sh"); */
    
      system("sqlplus system/oracle@test");
    }

    system/oracle is the username/password.

    Eventually, hopefully, I want to make username and password as C string constants ... unless someone from the forum is kind enough to code the whole lot as my introductory "gift" to C programming ... :-)

    I suppose if I have the username and password as C constants and compile it, it will not show up when you do a strings in which case, I don't need to encrypt a.out anymore.

    For now, until I get more into C, I want to encrypt the a.out file but one where I don't have to specify a pass phrase 'coz some of them will have to run via cron.

    Any other suggestions will be very much appreciated.

    Thanks in advance
    Last edited by newbie01.others; 05-30-2010 at 05:17 AM.

  6. #6
    Registered User
    Join Date
    May 2010
    Location
    Naypyidaw
    Posts
    1,314
    I found something similar at stackoverflow

  7. #7
    Registered User
    Join Date
    Oct 2008
    Posts
    1,262
    Quote Originally Posted by cpjust View Post
    Add 128 to each character in your "Hello World" string?
    Unless you've got someone with nothing better to do with their time, they'll just see garbage and forget about it.
    With nothing better to do with their time? I believe it would be "cracked" with:
    ltrace programname | grep system

    Not too difficult, is it ;-)?

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Mixing C And C++ Code
    By Dark Dude in forum C++ Programming
    Replies: 13
    Last Post: 03-05-2010, 11:11 AM
  2. *** glibc detected *** a.out: realloc()
    By msshapira in forum C Programming
    Replies: 9
    Last Post: 01-27-2009, 08:49 AM
  3. a.out remains unchanged
    By muthus in forum C Programming
    Replies: 14
    Last Post: 01-19-2008, 04:26 PM
  4. General a.out redirection question under Linux
    By merixa in forum C++ Programming
    Replies: 3
    Last Post: 11-07-2005, 04:36 PM
  5. overgrown .exe files
    By R.Stiltskin in forum C++ Programming
    Replies: 13
    Last Post: 04-09-2004, 11:19 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21