Skip to content

iOS混淆加固差异化翻新加密工具,模拟人工手动混淆,识别上下文 ,支持继承链、类型识别、方法多参等复杂高级混淆。source-to-source obfuscation of iOS projects,Xcode's refactor->rename. 告别插入毫无关联的垃圾代码、弃用无脑单词随机拼接替换,模拟正常开发,一款最好的

Notifications You must be signed in to change notification settings

weizixuanDavid/confuse

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

English | 中文

Preface

By chance, I ran into the iOS vest bag business . I also used other tools on the market in the early stage, but the actual effect was not ideal. After a lot of practice, a full-featured obfuscation tool has been developed . The tool have been packaged into a Mac application which support multiple programming languages, such as OC, C++, Swift. More functions are still being packaged, so stay tuned.

Prompt

In order to let everyone get started quickly and compare the effects of confusion, a new test project confuse_test was created. If you encounter problems during actual use, welcome to extend the test project. Please indicate the bug details in the project, and there will be rewards.

Instructions for the old version before 1.2.0:   Introduction: No grammar and compilation requirements are involved, but partial omissions or corrections may occur after confusion, please add to the blacklist filter by yourself.   Applicable projects: RN and other mixed projects that have not yet been adapted.   Conditions of use: temporarily unavailable, reopen later

Readme

The essence of vest bag:

  1. The first stage reduces the repetition rate. The initial version of my development is basically similar to other tools currently on the market, mainly the basic function of global substitution of class name, method name, and variable name.
  2. The second stage reduces the similarity (normal distribution of the same elements). At present, the tool has been greatly improved after optimization and continuous reconstruction, and it basically meets the requirements in this respect. For details, see the following function introduction. There are two sides to everything. The more powerful the function, the longer it will take to confuse. If your project is large, it is possible to confuse for a few hours. Please do not take offense, and continue to optimize.

Distinguish the pros and cons of tools

In fact, to identify the pros and cons of a tool, just look at the following points:

  1. Can modify all attributes, methods, and all parameter names of methods
  2. Modify the name of the member (attribute, method), can it be distinguished by class, or a simple global replacement
  3. Can modify the method with block parameters, a typical network request

For example:+ (BOOL)post:(NSString *)url parameters:(NSDictionary *)parameters success:(HttpRequestResponse)success error:(HttpRequestResponse)error;

  1. The length of the changed name of the method name and attribute name (this tool can guarantee that 60~80% of the changed name is a common word, such as name, title, etc., and ensure that it does not conflict with the system.Completely abandon the simple practice of relying on a large number of word libraries to ensure the uniqueness of naming, The real simulation of manual development)
  2. Modify the layout (Frame, Masonry, SDAutoLayout)
  3. Is the code inserted or "garbage" (this tool creates custom controls, encapsulates network requests, and uses MVC pattern association between files to completely bid farewell to "garbage" and mix the spurious with the genuine).
  4. Not to mention "Who else..." can identify macros, distinguish contextual content such as inheritance chains, and intelligently identify unmodifiable parts

For example: + (void)init ;-(void)reloadData; basically can be changed, who else can do it? "

  1. Normal projects (or third-party libraries) basically do not report errors after obfuscation (except for some individual improper grammars that cause confusion and report errors)

Test engineering description:

confuse_test: Contains oc, c++, swift and some third-party use cases to quickly verify the overall effect
confuse_test_oc: only contains oc, which is convenient to verify the effect of each function
confuse_test_swift: only contains swift, the code comes from Apple's official example code, which is convenient to verify the effect of each function

The source code can be modified arbitrarily to verify the actual effect. It is recommended to use different tools to confuse the above test projects or third-party open source library projects to compare the effects.

Features

confuse is a confusion tool that simulates manual development as much as possible, imitates some functions of Xcode, and avoids machine core 4.3, 2.1, 2.3.1, account surveys, etc.
Goal: Simulate manually modify everything that can be changed , which is why this tool only has a blacklist and no whitelist
The detailed functions are as follows (the basic functions are not described, see other tools for details):

Completed

The following functions are supported:

  1. Blacklist (secondary) filtering, freely control the obfuscated content of each function, and adapt to almost all projects.
  2. Confusion percentage control, you can freely adjust according to the actual needs of your own project
  3. Smart noun substitution:
    1. When renaming, use the combination of related type existing information + similar semantics + type + some old vocabulary, and filter sensitive words. At the same time, users can also customize sensitive words.Deprecate'random word brainless combination'
    2. Different types of members with the same name -> different types of members with different names, and different types of different name members -> different types of members with the same name, simulating normal development. Members refer to methods, attributes, and functions
  4. Intelligent identification of unmodifiable parts: Identifying systems, third parties, and Pod methods through types and inheritance chains is not a'simple' equality judgment, for example:
    1. Class method: + (void)init; in principle, it can be changed anywhere
    2. Object method:-(void)reloadData; can be changed if it is not a subclass of UITableView
    3. Property: @property (readonly) NSUInteger length; it can be changed if it is not a subclass of NSString

General part

  1. [Project Configuration], as long as you select the project path, other default configurations will be automatically completed
    1. Global setting "Ignore path", support regular, better use with blacklist
    2. ' xcodeproj' setting, for multiple xcodeproj projects and xx.xcodeproj is not in the project root directory
    3. 'Scheme' is confused and consistent with Xcode
    4. 'Debug mode', It is convenient to view the comparison before and after the modification in the source file, and insert some special annotations to facilitate the location of the bug.
    5. 'Hybrid mode', this mode is used to process the swift call oc part of the mixed project, to ensure that the call relationship is maintained after confusion
    6. 'Reference project root path' setting, read the word and UUID of the reference project
    7. 'Sensitive words' filtering
    8. ' Version iteration confusion ', iteratively update after review, continue to use the last time (you can also choose the version arbitrarily) to obfuscate the record incremental confusion, maintain version continuity, and simulate normal development. Advantages: Development and obfuscation are synchronized and independent . The main functions currently support update confusion
  2. [Antivirus], Xcode poisoning, XCSSET Malware
    1. 'UUID suffix', the virus will randomly insert UUID with a fixed suffix, regular scanning
    2. 'Script path feature', a suspicious script will be executed before virus compilation, support regular scanning
    3. 'Run script code flag', a suspicious script code will be executed before virus compilation, support regular scanning
  3. [Resource replacement], specify the resource folder that needs to be replaced before obfuscation , and automatically replace the file with the same name, which is convenient and quick
  4. [Remove comment], identify single-line, multi-line comments
  5. [Edit picture], quality modification, size shift, local pixel fine-tuning,RGBA offset,mode modification (support hot update)
  6. [Modify Lottie], simulate the real Lottie file structure, modify and expand the source file, basically does not affect the actual effect
  7. [Modify file attributes], such as creation time, access time, modification time
  8. [Modify item], no need to delete Cocoapods
    1. Can be set to'modify uuid', completely refurbished
    2. Customize the name of the'modify target', and the associated information will be updated synchronously
  9. Automatic source code backup

Objective-C

  1. [Rename picture], intelligent noun replacement , automatically correct the situation that the picture name and the xcassets folder name do not correspond
    1. You can set the 'Run splicing name', which is used for the image name generated by splicing strings at runtime
    2. You can set the 'rename associated string' to modify the situation where the string is equal to the picture name
    3. You can set the 'specified ignore length', the length of the picture name is less than the specified length is a dangerous name, it will be ignored
    4. You can set 'ignore danger', which has the same name as the dictionary key, and it will be ignored
    5. You can set 'associated files', other files containing picture names
  2. [Insert picture], automatically insert pictures, and simulate manual calls according to context and type, and the number of inserts can be specified
  3. [Rename property], support all types of @property , advantages:
    1. Identify grammar, identify type, inheritance relationship, attribute name confusion and class name (including inheritance chain) association , automatically identify system attributes
    2. You can set the 'Model suffix' to facilitate filtering Model
    3. You can set the 'Model mapping', automatically insert the mapping relationship, and match the background data
  4. [Insert property], creation, assignment, and modification are all associated with existing types, smart noun replacement
    1. 'Percentage control'
    2. 'Model suffix' switch, purpose: to avoid model archiving or data transfer failure
    3. Can be executed multiple times, the index x2 increases
  5. [Rename method], similar to Xcode's Rename function , advantages:
    1. Syntax-related, identification of types, inheritance relationships, support for multi-parameter modification, confusion of method names, class names (including inheritance chains) and type associations , automatic identification of system methods
  6. [Insert method], insert and call context-related methods, bid farewell to "garbage code", advantages:
    1. According to the return value type of the method, create the corresponding method in the category. At the same time , the return value of the original method is encapsulated and use (local variables, attributes, formal parameters) called.
    2. Can be executed multiple times, the index x2 increases
  7. [Modification method], simulating manual package call, advantages:
    1. Split the call to the original method and adjust it locally according to the parameter type (support inheritance) . For details, see the summary table of supported parameter types.
    2. Can be executed multiple times, the index x2 increases
  8. [Rename global variables], smart noun substitution
  9. [Modify global variables], replace global variable names, convert global variables into global functions , and confuse string variable values
  10. [Insert local variable], single-line compound call becomes simple multi-line call, change the execution order
  11. [Modify local variable], simulate manual encapsulation call, variable name association type, advantages:
    1. Local variable values remain unchanged during operation, see the summary table of supported types for details
    2. Can be executed multiple times, the index x2 increases
  12. [Rename multilingual], using a system of direct or indirect methods NSLocalizedString , NSLocalizedStringFromTable multilingual modified,The custom packaging methods require manual processing
  13. [Modify string], support arbitrary string, encryption processing (hard code -> memory), the original string is kept in the comment for easy inspection
    1. Set the'minimum length' filter
    2. You can also set the " effective number" to use together
  14. [Modify xib, storyboard], automatically insert the view, and modify the internal structure properties
  15. [Modify font] , randomly fine-tune the font used in the project, and identify macros
  16. [Modify color], randomly shift the color of the UI controls in the project, and identify the macro
  17. [UI layout offset], support Frame, Masonry, SDAutoLayout common layout fine-tuning
  18. [Insert file], generate other files (Combined with network, storage, and MVC to ensure that the code has high relevance and practical significance), automatic high-related calls in the project ; Note: (Under the project root path, a folder of " other_xxx_file " will be generated , and the sub-option Target controls Import method, if it is empty, you need to manually import, just drag the generated folder into the project; otherwise, automatically import)
  19. [Insert text], Generate json, txt, plist and other common text files, automatic high-related calls in the project ; note: (under the project root path, a folder of " other_xxx_text " will be generated , and the generated files will be automatically imported )
  20. [Rename class], the class name is not limited (for example: my, My), you can specify to add a prefix, support class|struct|protocol,advantages:
    1. Smart noun substitution
    2. Can be set to'rename files with the same name'
    3. You can set'rename similar strings', (ignore | equal | include) three modes
    4. Added 'correct non-standard dot grammar', calling for non-standard dot grammar (methods are called as attributes)

C++

  1. [Rename attribute], support all type attributes, recognize syntax, recognize type, inherit
  2. [Insert attributes], insert attributes (member variables) and call each other to modify, automatic initialization, destruction, and assignment modification in other methods and other similar manual operations, support'percentage control'
  3. [Rename method], similar to Xcode's Rename function, identifying types, templates, overloading, rewriting, inheritance, etc.
  4. [Modification method], use overloading technology to modify the function prototype and call the modified parameter
  5. [Modify string], support arbitrary string, encryption processing (hard code -> memory), the original string is kept in the comment for easy inspection
    1. Set the'minimum length' filter
    2. You can also set the " effective number" to use together
  6. [Rename class], support template and other types
    1. Can switch the old mode
    2. Prefix setting
    3. Can be set to'rename files with the same name'

Cocos2d-x

This part of the function is integrated into C++ and supports cocos2dx automatic filtering

Swift

Adapt to Swift5.3, the SPM package management project has not yet been tested

  1. [Rename global method] to automatically identify system methods
    1. Can set 'parameter label', support hidden parameter label and trailing closure usage
  2. [Rename picture], smart noun replacement, and automatically correct the situation where the picture name and the xcassets folder name do not correspond to each other
    1. You can set the 'Run splicing name', which is used for the image name generated by splicing strings at runtime
    2. You can set the 'specified ignore length', the length of the picture name is less than the specified length is a dangerous name, it will be ignored
    3. You can set 'ignore danger', which has the same name as the dictionary key, and it will be ignored
    4. You can set 'associated files', other files containing picture names
  3. [Rename lottie] to adapt to various scenarios
    1. You can set the 'run splicing name', which is used for the lottie name generated by string splicing at runtime
    2. You can set the 'specified Ignore Length', if the length of the lottie name is less than the specified length, it is a dangerous name and will be ignored
    3. You can set 'ignore danger', which has the same name as the dictionary key, and it will be ignored
  4. [Insert picture], which automatically inserts pictures, and simulates manual calls according to the context and type, and the number of insertions can be specified
  5. [rename enum], identify associated and primitive values
    1. 'Original value' can be set to refine the control range
  6. [Rename attribute], basic function, without too much description, advantages:
    1. Similar to OC [Rename attribute], identify inheritance chain and nested type, support storage and calculation of attributes, observers, wrappers, class attributes
    2. You can set the 'Model suffix' to facilitate filtering Model
    3. You can set the 'Model mapping', automatically insert the mapping relationship, and match the background data
  7. [Insert property], use calculated properties to wrap and call and replace the original properties
    1. Support storage and calculation of attributes, observers, wrappers, class attributes
    2. File name Model suffix filtering can be set
  8. [Rename method], the basic functions are renamed similar to other tools, without too much description, advantages:
    1. Can set 'parameter label', support hidden parameter label and trailing closure usage
    2. Identification of inheritance chain nested types, support for (class, struct, enum) static methods and instance methods, and optional chains, etc.
  9. [Insert method], encapsulate the return value of the original method and use the context to call additional associated methods, saying goodbye to "garbage code"
  10. [Modification method], use overloading technology to modify the function prototype and call the modified parameter
  11. [Rename global variables], smart noun substitution
  12. [Modify font] , randomly fine-tune the font used in the project, and identify macros
  13. [Modify color], randomly shift the color of UI controls in the project
  14. [UI layout offset], support Frame, SnapKit, common layout fine-tuning
  15. [Insert local variable], split single-line compound calls, change the execution order
  16. [Modify local variable], simulate manual encapsulation call, variable name association type (support nesting), advantages:
    1. The value of the local variable remains unchanged during operation. For details, see the summary table of supported types.
    2. Can be executed multiple times, the index x2 increases
  17. [Modify string], recognize single-line, multi-line, string interpolation, and extended string. After the modification, it can be freely combined by a variety of methods such as encryption and split character groups, and the comments of the original characters are reserved for easy inspection
    1. Set the'minimum length' filter
    2. You can also set the "effective number" to use together
  18. [Modify xib, storyboard], automatically insert the view, and modify the internal structure properties
  19. [Insert file], close to actual development (combined with network, storage, MVC, xib, etc., to ensure that the code has high relevance and practical significance), and strengthen contextual relevance. Can set 'file name prefix', set 'Target import' in the same way as OC
  20. [Insert text], generate common text files such as json, txt, plist, etc., and automatically high-related calls in the project (introduction of attributes, initialization, automatic destruction, etc.). Note: (under the project root path, the folder "other_xxx_text" will be generated, and the generated files will be automatically imported)
  21. [Rename class], the class name is not limited (for example: my, My), identify nested types and typealias, support class|struct|enum|protocol
    1. Can be set to'rename files with the same name'
    2. 'Prefix' can be set

Note: At present, the Swift and OC mixed project, the OC calling Swift part will not be processed for the time being, and will be optimized in the future.

Planning

Update iterations will be carried out in the following order

  1. Objective-C (95%), mainly to improve the versatility and stability of the tool, and strengthen the function
    1. Audio and video files are used less and will be added later
  2. Swift (95%), under development...
    1. Enhanced performance
  3. C++ (60%), under development...
    1. Method: Insert
    2. Property: modify
    3. Global variables: modify
  4. Lua (0%) is too specific, and it is temporarily closed. If users have this demand, we will refactor this part
  5. C# (0%), I don’t use much in actual projects, so I ranked last, depending on user needs before deciding
  6. Other functions:
    1. Fast obfuscation mode

Graphic introduction

Run the APP rendering, please read the tool usage tutorial in detail before use
image.png

Update log

v6.6.2 (2022.12.30)

  1. Enhance Swift[rename property], similar to OC, add 'Model mapping', automatically insert Codable mapping relationship
  2. Expand the scope of context references and add support for enumeration type references
  3. Fix [Insert Image], which may cause the same name problem of inserted local variables
  4. Strengthen the pre-check to scan for code irregularities

View more historical update records

Thanks for the feedback

shizu2014myhoniorimbahongtabier008

Link navigation

  1. Tool usage tutorial
  2. Software Questions and Answers (Q&A)
  3. OC[Modification method] Parameter type summary table
  4. OC[Modify local variables] Modify local variables-summary table of supported types
  5. OC[Rename multilingual] processing custom packaging method
  6. Swift[Modification method] Parameter type summary table

About

iOS混淆加固差异化翻新加密工具,模拟人工手动混淆,识别上下文 ,支持继承链、类型识别、方法多参等复杂高级混淆。source-to-source obfuscation of iOS projects,Xcode's refactor->rename. 告别插入毫无关联的垃圾代码、弃用无脑单词随机拼接替换,模拟正常开发,一款最好的

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Objective-C 72.7%
  • Swift 23.3%
  • C++ 3.3%
  • Other 0.7%