Quasi wrote.... If you have the source code, however obfuscated, it will not be /reverse/ engeneering. It wll still be source code which you will have to decode or decypher, so to speak. Reverse engg is generally when you do /not/ have the source code and you generally work only with the binaries.
hmmm agreed ..but what i mean was reverce engg to obtain src codes (sorry my wordings were wrong).,.... what i mean was there r couple of examples of java apps which when u put into decomilers throws some confusing code out .... i mean one method* (just one method) by code obfuscation......
i mean u can obfuscate AND encrypt the code so that it won't be easily underrstoood by someone else :-)
I would be better simply /not/ to give away the source code if that is your purpose !!
err.. OK, obfuscation may protect /interpreted/ code or a /script/.
yeh thanx for correcting ... i shud have mentioned interpreted languages ... i just gave urls for PHP n java ... sorry ...
If u have time just look at some cracking site/honepots for how guys from wild have used this technique to encrypt the codes/ packet transfer also so that even if the packets r notices they confuse !
encrypting, will be plain encryption, will it not? Obfuscation is more of an art.
agreed it's n art only .....sorry if i tried to post it as an method for security ... .... i was discussing just one case .... say from wild i've obtained some binaries which r actually a backdoor programs installed on host ..... these programs say binary foo running on port 23 (just an assumption)... when network administrator gets a doubt for suspicious traffic .. he will start lookin into actual content of the packets transferring .... if the backdoor is coded like it can obfuscate and encrypt the packet and then tranfer it..... the client for that backdoor is coded for deobfuscate (don't know whether this term is there in english...i just mean the reverse thing to obfuscate) the packets and decrypt them ..... so as to just make a network admin guessing bout the packet content ....
it is just a POSSIBILITY .....
thanx for clearing doubts quasee and philip.....
yes n indeed the below example is gr8 ....
ranjeet
quasi below is one of the best examples of obfuscation I have come across. It is in C - Compiles & runs. Guess what it does ?? :-) I had come across this ~5 years back, so unfortunately I do not have the author's name.
---- start ---- #include <stdio.h>
#define l11l 0xFFFF #define ll1 for #define ll111 if #define l1l1 unsigned #define l111 struct #define lll11 short #define ll11l long #define ll1ll putchar #define l1l1l(l) l=malloc(sizeof(l111 llll1));l->lll1l=1-1;l->ll1l1=1-1; #define l1ll1 *lllll++=l1ll%10000;l1ll/=10000; #define l1lll ll111(!l1->lll1l){l1l1l(l1->lll1l);l1->lll1l->ll1l1=l1;}\ lllll=(l1=l1->lll1l)->lll;ll=1-1; #define llll 1000
l111 llll1 { l111llll1 * lll1l,*ll1l1 ;l1l1 lll11 lll [ llll];};main (){l111 llll1 *ll11,*l1l,* l1, *ll1l, * malloc ( ) ; l1l1 ll11l l1ll ; ll11l l11,ll ,l;l1l1 lll11 *lll1,* lllll; ll1(l =1-1 ;l< 14; ll1ll("\t"8)>l"9!.)>vl" [l]^'L'),++l );scanf("%d",&l);l1l1l(l1l) l1l1l(ll11 ) (l1=l1l)-> lll[l1l->lll[1-1] =1]=l11l;ll1(l11 =1+1;l11<=l; ++l11){l1=ll11; lll1 = (ll1l=( ll11=l1l))-> lll; lllll =( l1l=l1)->lll; ll=(l1ll=1-1 );ll1(;ll1l-> lll1l||l11l!= *lll1;){l1ll +=l11**lll1++ ;l1ll1 ll111 (++ll>llll){ l1lll lll1=( ll1l =ll1l-> lll1l)->lll; }}ll1(;l1ll; ){l1ll1 ll111 (++ll>=llll) { l1lll} } * lllll=l11l;} ll1(l=(ll=1- 1);(l<llll)&& (l1->lll[ l] !=l11l);++l); ll1 (;l1;l1= l1->ll1l1,l= llll){ll1(--l ;l>=1-1;--l, ++ll)printf( (ll)?((ll%19) ?"%04d":(ll= 19,"\n%04d") ):"%4d",l1-> lll[l] ) ; } ll1ll(10); } ---- end ----