Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Take the compiler and run with it: a quick story of Swift obfuscator

Take the compiler and run with it: a quick story of Swift obfuscator

Imagine a group of people with no background in the compilers nor C++.
Imagine them coming across a wonderful open source project, such as the Swift compiler.
What could happen if they started playing with it? Hacking, adding changes left and right, taking parts and making them work the way they were never intended?
Surely, the output would be some gibberish without meaning!
This story really happened. Come to listen how and why. Sometimes the gibberish is exactly what you need.

43d2bef703ec7165166f161f137ac54f?s=128

Krzysztof Siejkowski

June 06, 2018
Tweet

Transcript

  1. Take the compiler and run with it A quick story

    of Swift obfuscator Krzysztof Siejkowski, @_siejkowski
  2. None
  3. In software development, obfuscation is the deliberate act of creating

    source or machine code that is difficult for humans to understand — Wikipedia
  4. None
  5. None
  6. None
  7. None
  8. @objc NSObject

  9. None
  10. Source code Binary Compilation Attacker Obfuscation

  11. Source code Obfuscated binary Compilation Attacker Obfuscation Example: iXGuard by

    GuardSquare
  12. Source code Obfuscated
 binary Obfuscating
 Compilation Attacker Obfuscation Example: Obfuscator-LLVM

  13. Obfuscated source code Obfuscated binary Compilation Attacker Obfuscation Example: ???

  14. None
  15. None
  16. Obfuscated source code Obfuscated binary Compilation Attacker Obfuscation Example: WE

  17. Source code Parse Find symbols Analyze symbols Obfuscated source code

    Rename
  18. Compiler ✨

  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. Swift compiler 
 as a library?

  26. swiftParse swiftDriver swiftAST swiftSyntax swiftBasic

  27. swiftParse swiftDriver swiftAST swiftSyntax swiftBasic

  28. swiftParse swiftDriver swiftAST swiftSyntax swiftBasic swift swift-syntax- test swift-refactor

  29. swiftParse swiftDriver swiftAST swiftSyntax swiftBasic swift swift-syntax- test swift-refactor

  30. swiftParse swiftDriver swiftAST swiftSyntax swiftBasic swiftObfuscation obfuscator-renamer obfuscator-symbol- extractor

  31. None
  32. None
  33. Source code MAGIC
 % Analyzed 
 source code

  34. swiftFrontend Source code CompilerInstance. performSema() Analyzed 
 source code

  35. None
  36. swiftAST Analyzed 
 source code SourceFileWalker Symbols
 with locations

  37. Symbols 
 with locations MAGIC % Obfuscated source files

  38. swiftIDE Symbols 
 with locations SourceEngine & SourceManager Obfuscated source

    files
  39. None
  40. None
  41. Supports Not supports

  42. Supports Not supports DSYM file generation Multiple targets Some exotic

    Swift constructs
  43. Supports Not supports Renames in Storyboards and XIBs DSYM file

    generation Excluding configuration Multiple targets Simple integration (local & CI) Some exotic Swift constructs
  44. Open source github.com/Polidea/SiriusObfuscator

  45. None
  46. Pros Cons Anything compiler can do, 
 you can do

    too!
  47. Pros Cons Anything compiler can do, 
 you can do

    too! No stable API, 
 breaking changes any time
  48. Pros Cons Anything compiler can do, 
 you can do

    too! No stable API, 
 breaking changes any time So many tools available!
  49. Pros Cons Anything compiler can do, 
 you can do

    too! No stable API, 
 breaking changes any time So many tools available! Compiler libs are designed for compilation, not for your needs
  50. Pros Cons Anything compiler can do, 
 you can do

    too! No stable API, 
 breaking changes any time So many tools available! Compiler libs are designed for compilation, not for your needs Support for both 
 Swift and Objective-C
  51. Pros Cons Anything compiler can do, 
 you can do

    too! No stable API, 
 breaking changes any time So many tools available! Compiler libs are designed for compilation, not for your needs Support for both 
 Swift and Objective-C Might be too much to support
  52. Alternatives • libSyntax • SourceKit • existing swift tools

  53. None
  54. github.com/Polidea/SiriusObfuscator Documentation

  55. @KacperHarasim

  56. Thank you! @_siejkowski