Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Take the compiler and run with it: a quick story of Swift obfuscator

Krzysztof Siejkowski
June 06, 2018
Programming
0
200

Take the compiler and run with it: a quick story of Swift obfuscator

Imagine a group of people with no background in the compilers nor C++.
Imagine them coming across a wonderful open source project, such as the Swift compiler.
What could happen if they started playing with it? Hacking, adding changes left and right, taking parts and making them work the way they were never intended?
Surely, the output would be some gibberish without meaning!
This story really happened. Come to listen how and why. Sometimes the gibberish is exactly what you need.

Krzysztof Siejkowski

June 06, 2018
Tweet

More Decks by Krzysztof Siejkowski

See All by Krzysztof Siejkowski
Container types and how to use them
siejkowski
2
160
Matryoshka in Swift: handle nested containers with grace
siejkowski
0
180
Container types in Swift without 🤯
siejkowski
1
250
Swift compiler as a library: obfuscator case
siejkowski
0
160
RxSwift: Deep Cuts
siejkowski
2
520
A Neatly Typed Message
siejkowski
2
1.5k
RxSwift: an elegant weapon for a statically typed age
siejkowski
1
420
swift-for-backend-SNAPSHOT-2016-03
siejkowski
3
880
Dobry zwyczaj: nie odziedziczaj
siejkowski
0
190

Other Decks in Programming

See All in Programming
実践!Swift API Design Guidelinesに基づいた簡潔明瞭なAPIの作り方
jrsaruo
1
220
新卒研修でNext.js AppRouterを導入した 学びと反省
iuchimasatoshi
1
220
作って学ぶadbプロトコル / Create and learn adb protocols
ntsk
0
910
RustでWasm Runtimeを書いた in WebAssembly night #11
skanehira
0
300
アジャイルのライトウィングとレフトウィングはひとりで両方できなくてもいいんじゃない? - “ひとりでできるもん”から“みんなでできるもん”への道のり
psj59129
0
240
理解して導入するWebフレームワーク ~解決すべき課題に着目する~ / Understanding and implementing web frameworks ~focusing on the problems to be solved~
seike460
PRO
3
580
第6回 AWSとGitHub勉強会 - AWS ECS Fargate環境の構築 -
ogiwarat
0
140
Gradle Convention Plugins
jmatsu
1
520
Astro 3.0入門
nozaki
0
200
マイクロサービス環境におけるToilを削減するTerraformの活用 in DMMプラットフォーム
pospome
1
220
GDSC NYCU 2023 茶會
rabbitmagician1
1
270
どうするLeSS - スクラムフェス三河2023.9.16
stanby_inc
1
130

Featured

See All Featured
Building a Scalable Design System with Sketch
lauravandoore
453
31k
Raft: Consensus for Rubyists
vanstee
130
5.9k
Optimizing for Happiness
mojombo
368
67k
Documentation Writing (for coders)
carmenintech
55
3.3k
In The Pink: A Labor of Love
frogandcode
135
21k
Art Directing for the Web. Five minutes with CSS Template Areas
malarkey
197
11k
Web Components: a chance to create the future
zenorocha
304
41k
Adopting Sorbet at Scale
ufuk
66
8.1k
Product Roadmaps are Hard
iamctodd
42
8.7k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
10
1.2k
Learning to Love Humans: Emotional Interface Design
aarron
265
38k
Unsuck your backbone
ammeep
660
56k

Transcript

  1. Take the compiler
    and run with it
    A quick story of Swift obfuscator
    Krzysztof Siejkowski, @_siejkowski

    View Slide

  2. View Slide

  3. In software development,
    obfuscation is the deliberate act of
    creating source or machine code that
    is difficult for humans to understand
    — Wikipedia

    View Slide

  4. View Slide

  5. View Slide

  6. View Slide

  7. View Slide

  8. @objc
    NSObject

    View Slide

  9. View Slide

  10. Source
    code
    Binary
    Compilation
    Attacker
    Obfuscation

    View Slide

  11. Source
    code
    Obfuscated
    binary
    Compilation
    Attacker
    Obfuscation
    Example: iXGuard by GuardSquare

    View Slide

  12. Source
    code
    Obfuscated

    binary
    Obfuscating

    Compilation
    Attacker
    Obfuscation
    Example: Obfuscator-LLVM

    View Slide

  13. Obfuscated
    source
    code
    Obfuscated
    binary
    Compilation
    Attacker
    Obfuscation
    Example: ???

    View Slide

  14. View Slide

  15. View Slide

  16. Obfuscated
    source
    code
    Obfuscated
    binary
    Compilation
    Attacker
    Obfuscation
    Example: WE

    View Slide

  17. Source
    code
    Parse
    Find symbols
    Analyze symbols
    Obfuscated
    source
    code
    Rename

    View Slide

  18. Compiler ✨

    View Slide

  19. View Slide

  20. View Slide

  21. View Slide

  22. View Slide

  23. View Slide

  24. View Slide

  25. Swift compiler 

    as a library?

    View Slide

  26. swiftParse
    swiftDriver
    swiftAST
    swiftSyntax
    swiftBasic

    View Slide

  27. swiftParse
    swiftDriver
    swiftAST
    swiftSyntax
    swiftBasic

    View Slide

  28. swiftParse
    swiftDriver
    swiftAST
    swiftSyntax
    swiftBasic
    swift
    swift-syntax-
    test
    swift-refactor

    View Slide

  29. swiftParse
    swiftDriver
    swiftAST
    swiftSyntax
    swiftBasic
    swift
    swift-syntax-
    test
    swift-refactor

    View Slide

  30. swiftParse
    swiftDriver
    swiftAST
    swiftSyntax
    swiftBasic
    swiftObfuscation
    obfuscator-renamer
    obfuscator-symbol-
    extractor

    View Slide

  31. View Slide

  32. View Slide

  33. Source code
    MAGIC

    %
    Analyzed 

    source code

    View Slide

  34. swiftFrontend
    Source code
    CompilerInstance.
    performSema()
    Analyzed 

    source code

    View Slide

  35. View Slide

  36. swiftAST
    Analyzed 

    source code
    SourceFileWalker
    Symbols

    with locations

    View Slide

  37. Symbols 

    with locations
    MAGIC
    %
    Obfuscated
    source files

    View Slide

  38. swiftIDE
    Symbols 

    with locations
    SourceEngine &
    SourceManager
    Obfuscated
    source files

    View Slide

  39. View Slide

  40. View Slide

  41. Supports Not supports

    View Slide

  42. Supports Not supports
    DSYM file generation
    Multiple targets
    Some exotic Swift constructs

    View Slide

  43. Supports Not supports
    Renames in Storyboards and XIBs DSYM file generation
    Excluding configuration Multiple targets
    Simple integration (local & CI) Some exotic Swift constructs

    View Slide

  44. Open source
    github.com/Polidea/SiriusObfuscator

    View Slide

  45. View Slide

  46. Pros Cons
    Anything compiler can do, 

    you can do too!

    View Slide

  47. Pros Cons
    Anything compiler can do, 

    you can do too!
    No stable API, 

    breaking changes any time

    View Slide

  48. Pros Cons
    Anything compiler can do, 

    you can do too!
    No stable API, 

    breaking changes any time
    So many tools available!

    View Slide

  49. Pros Cons
    Anything compiler can do, 

    you can do too!
    No stable API, 

    breaking changes any time
    So many tools available!
    Compiler libs are designed for
    compilation, not for your needs

    View Slide

  50. Pros Cons
    Anything compiler can do, 

    you can do too!
    No stable API, 

    breaking changes any time
    So many tools available!
    Compiler libs are designed for
    compilation, not for your needs
    Support for both 

    Swift and Objective-C

    View Slide

  51. Pros Cons
    Anything compiler can do, 

    you can do too!
    No stable API, 

    breaking changes any time
    So many tools available!
    Compiler libs are designed for
    compilation, not for your needs
    Support for both 

    Swift and Objective-C
    Might be too much to support

    View Slide

  52. Alternatives
    • libSyntax
    • SourceKit
    • existing swift tools

    View Slide

  53. View Slide

  54. github.com/Polidea/SiriusObfuscator
    Documentation

    View Slide


  55. @KacperHarasim

    View Slide

  56. Thank you!
    @_siejkowski

    View Slide