How to Create Obfuscated Code In C

Discussion in 'C' started by poornaMoksha, Dec 1, 2011.

  1. poornaMoksha

    poornaMoksha New Member

    Joined:
    Jan 29, 2011
    Messages:
    150
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Software developer
    Location:
    India
    Most of the newbie programmers are fascinated by the term 'hacking' or 'cracking'(to be precise). Generally, they see some weirdly written code (that may visually seem like a painting to any new programmer) and start dreaming of the developer who has written the code as god of programming or something. I have personally interacted with many of these and they usually are very willing to know about how to write this kind of code. Though I strongly disagree with this type of coding practice but still I think every aspiring developer has the right to know how this is done. So in this article lets discuss how to write obfuscated code.

    From Wikipedia:
    Obfuscated code is source or machine code that has been made difficult to understand for humans.​
    I'll use C as the programming language, Linux as the OS(Linux mint the distribution) and gcc as the compiler.

    The Myth About Obfuscated Code



    So, all of those who are new to C programming, what if I give you something like this :

    Code:
    #include <stdio.h>
    
    _(__,___,____){___/__<=1?_(__,___+1,____):!(___%__)?_(__,___+1,0):___%__==___/
    __&&!____?(printf("%d\t",___/__),_(__,___+1,0)):___%__>1&&___%__<___/__?_(__,1+
    ___,____+!(___/__%(___%__))):___<__*__?_(__,___+1,____):0;}main(){_(100,0,0);
    }
    and tell you that it produces the following output :

    Code:
    2    3    5    7    11    13    17    19    23    29    31    37    41    43    47    53    59    61    67    71    73    79    83    89    97
    I know most of you would be like WTF. Whats that piece of code?? and how is it able to produce this output??

    Some of you might even believe that this code cannot be understood or its a kind of magic etc.

    Well, to all those, this is not magic, this is obfuscation of code. So, lets shed all the myths away and see how this kind of code is made.

    Step 1 : Write a simple program



    Just forget about that small monster you saw above. Lets see a decent looking code here :


    Code:
    #include<stdio.h>
    
    int func(int a, int b, int c)
    {
        if((b/a) <=1)
        {
            return func(a, b+1, c);
        }
        else 
        {
            if(!(b%a))
            {
                return func(a,b+1,0);
            }
            else
            {
                if(((b%a) == (b/a)) && !c)
                {
                    return (printf("%d\t",b/a), func(a,b+1,0));
                }
                else
                {
                    if(((b%a)>1) && ((b%a)<(b/a)))
                    {
                        return func(a,1+b,c+!(b/a%(b%a)));
                    }
                    else
                    {
                        if(b<a*a)
                        {
                            return func(a,b+1,c);
                        }
                        else
                        {
                            return 0;
                        }
                    }
               }
            }
         }
    
    return 0;
    }
    I hope the above code is not hard to understand. Or is it?? Well I do not think so.
    If you think that this is difficult then I think that you should take a good C book and study it first!!!

    Lets see the output :

    Code:
    2    3    5    7    11    13    17    19    23    29    31    37    41    43    47    53    59    61    67    71    73    79    83    89    97
    So we see that the output is same as of the one I showed earlier. So, lets try to obfuscate this code as close to the one shown earlier.

    Step 2 : Change function name



    Well, to make the code a bit obfuscated, start replacing names with weird but allowed characters. Like here I will replace the function name 'func' with an underscore '_'

    Code:
    #include<stdio.h>
    
    int _(int a, int b, int c)
    {
        if((b/a) <=1)
        {
            return _(a, b+1, c);
        }
        else 
        {
            if(!(b%a))
            {
                return _(a,b+1,0);
            }
            else
            {
                if(((b%a) == (b/a)) && !c)
                {
                    return (printf("%d\t",b/a), _(a,b+1,0));
                }
                else
                {
                    if(((b%a)>1) && ((b%a)<(b/a)))
                    {
                        return _(a,1+b,c+!(b/a%(b%a)));
                    }
                    else
                    {
                        if(b<a*a)
                        {
                            return _(a,b+1,c);
                        }
                        else
                        {
                            return 0;
                        }
                    }
               }
            }
         }
    
    return 0;
    }
    
    int main(void)
    {
        _(100,0,0);
        return 0;
    }
    Looks funny!!! right?? Ok. lets move ahead.


    Step 3 : Change the first argument name



    Now, since function name has been changed, lets apply the same to first argument 'a' and replace it with a double underscore ie '__'

    Code:
    #include<stdio.h>
    
    int _(int __, int b, int c)
    {
        if((b/__) <=1)
        {
            return _(__, b+1, c);
        }
        else 
        {
            if(!(b%__))
            {
                return _(__,b+1,0);
            }
            else
            {
                if(((b%__) == (b/__)) && !c)
                {
                    return (printf("%d\t",b/__), _(__,b+1,0));
                }
                else
                {
                    if(((b%__)>1) && ((b%__)<(b/__)))
                    {
                        return _(__,1+b,c+!(b/__%(b%__)));
                    }
                    else
                    {
                        if(b<__*__)
                        {
                            return _(__,b+1,c);
                        }
                        else
                        {
                            return 0;
                        }
                    }
               }
            }
         }
    
    return 0;
    }
    
    int main(void)
    {
        _(100,0,0);
        return 0;
    }
    Wow...I hope you are enjoying the progress!!!!

    Step 4 : Change second argument name



    Similarly, change the second argument name from 'b' to '___'

    Code:
    #include<stdio.h>
    
    int _(int __, int ___, int c)
    {
        if((___/__) <=1)
        {
            return _(__, ___+1, c);
        }
        else 
        {
            if(!(___%__))
            {
                return _(__,___+1,0);
            }
            else
            {
                if(((___%__) == (___/__)) && !c)
                {
                    return (printf("%d\t",___/__), _(__,___+1,0));
                }
                else
                {
                    if(((___%__)>1) && ((___%__)<(___/__)))
                    {
                        return _(__,1+___,c+!(___/__%(___%__)));
                    }
                    else
                    {
                        if(___<__*__)
                        {
                            return _(__,___+1,c);
                        }
                        else
                        {
                            return 0;
                        }
                    }
               }
            }
         }
    
    return 0;
    }
    
    int main(void)
    {
        _(100,0,0);
        return 0;
    }

    Step 5 : Change the third argument name



    Similarly, change the Third argument name from 'c' to '____'.

    Code:
    #include<stdio.h>
    
    int _(int __, int ___, int ____)
    {
        if((___/__) <=1)
        {
            return _(__, ___+1, ____);
        }
        else 
        {
            if(!(___%__))
            {
                return _(__,___+1,0);
            }
            else
            {
                if(((___%__) == (___/__)) && !____)
                {
                    return (printf("%d\t",___/__), _(__,___+1,0));
                }
                else
                {
                    if(((___%__)>1) && ((___%__)<(___/__)))
                    {
                        return _(__,1+___,____+!(___/__%(___%__)));
                    }
                    else
                    {
                        if(___<__*__)
                        {
                            return _(__,___+1,____);
                        }
                        else
                        {
                            return 0;
                        }
                    }
               }
            }
         }
    
    return 0;
    }
    
    int main(void)
    {
        _(100,0,0);
        return 0;
    }
    Now, if you see the above code seems quite obfuscated but not as quite as you would have liked. Ya, I know, so lets try one last weapon ie the ternary operator. Remember it ?

    The syntax of a ternary expression is :

    <condition> ? <expression-1> : <expression-2>

    where if the <condition> is true then <expression-1> is evaluated else <expression-2> is evaluated. For example :

    Code:
    b>a ? a++ : b++
    if b > a then increment a else increment b. So, we see that a ternary expression can easily be represented in form of if-else expression. For example, the above expression can represented as :

    Code:
    if(b>a)
    {
        a++;
    }
    else
    {
        b++; 
    }
    Now, what we already have is an obfuscated code with if-else statements, so as a last step, lets just change the if-else statements with ternary expressions.

    Step 6 : Apply the ternary expressions



    Finally, lets replace all the if-else with ternary expressions and make sure we have as less white spaces as we can in the code.

    lets see the beauty :

    Code:
    #include <stdio.h>
    
    _(__,___,____){___/__<=1?_(__,___+1,____):!(___%__)?_(__,___+1,0):___%__==___/
    __&&!____?(printf("%d\t",___/__),_(__,___+1,0)):___%__>1&&___%__<___/__?_(__,1+
    ___,____+!(___/__%(___%__))):___<__*__?_(__,___+1,____):0;}main(){_(100,0,0);
    }
    Wooohoooo.....here we have an obfuscated code!!!!!! Seems like a painting...right?? Magic :)

    Note that in this step, We got away with the data type of arguments and we also got away with the return types of the functions main() and _() as gcc will automatically assume int in both the cases

    Lets cross check the output :

    Code:
    2    3    5    7    11    13    17    19    23    29    31    37    41    43    47    53    59    61    67    71    73    79    83    89    97
    We see that the output is also same!!!

    Tips for obfuscation


    • Use weirdly looking but allowed names for functions and variables
    • Use ternary expressions where ever you can
    • make sure that there is as less white spaces possible in the code.
    • the more you practice, the more you learn :)

    Conclusion



    To conclude, In this article we learned how to create an obfuscated code out of a normal code. Professionally there is no use for these kind of codes but these are good for fun. :) and I hope you enjoyed.

    Stay tuned for more!!!!
     
    shabbir, Trinity and (deleted member) like this.
  2. lionaneesh

    lionaneesh Active Member

    Joined:
    Mar 21, 2010
    Messages:
    848
    Likes Received:
    224
    Trophy Points:
    43
    Occupation:
    Student
    Location:
    India
    Nice One! :) , Some New Stuff! :)
     
  3. poornaMoksha

    poornaMoksha New Member

    Joined:
    Jan 29, 2011
    Messages:
    150
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Software developer
    Location:
    India
    Thanks Buddy!!!!
     
  4. Scripting

    Scripting John Hoder

    Joined:
    Jun 29, 2010
    Messages:
    421
    Likes Received:
    57
    Trophy Points:
    0
    Occupation:
    School for life
    Location:
    /root
    Awesome work, keep it up!
     
  5. sura

    sura Banned

    Joined:
    Aug 4, 2011
    Messages:
    47
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    India,Tamil Nadu.
    very nice man...
     
  6. vamshikrishna760

    vamshikrishna760 New Member

    Joined:
    Dec 20, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    Really great sir.........
    i like u...
     
  7. poornaMoksha

    poornaMoksha New Member

    Joined:
    Jan 29, 2011
    Messages:
    150
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Software developer
    Location:
    India
    Thank you all for the complements!!!
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice