Anyone with any formal training in RE will blast past this. Again, this is an expected move, and the response is just to step around the offending code, or to modify away the traps. That reverse engineers love to play with.

Anti-analysis techniques are well known to the reverse engineer, and they can almost be circumvented with a debugger like OllyDbg. So that the reverse engineer can have fun with a debugger. Add false pathways to confound static analysis. At some point you will use the standard library, or the STL, or even make a system call. Honestly, this doesn't help that much, since ultimately your code will have to call some kind of non-obfuscated shared library to get anything done. Where you can give the reverse engineer useless function names.

It depends on who you are dealing with, but if your reverse engineer is smart enough to use IDA Pro and a couple of plugins, and a good debugger, then it shall all be for naught. Obfuscating C++ binaries is a bit of a losing battle. I wouldn't put much energy into doing it very thoroughly, because the reverse engineer is going to win this round.