-
Notifications
You must be signed in to change notification settings - Fork 0
/
strings.go
130 lines (116 loc) · 2.78 KB
/
strings.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
package gobfuscate
import (
"bytes"
"fmt"
"go/ast"
"go/parser"
"go/token"
"io/ioutil"
insecureRand "math/rand"
"os"
"path/filepath"
"sort"
"strconv"
"strings"
)
const (
canaryPrefix = "can://"
)
// ObfuscateStrings - Obfuscate strings in a given gopath, skips canaries
func ObfuscateStrings(gopath string) error {
return filepath.Walk(gopath, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
if filepath.Ext(path) != GoExtension || info.IsDir() {
return nil
}
if err := stringConstsToVar(path); err != nil {
return err
}
set := token.NewFileSet()
file, err := parser.ParseFile(set, path, nil, 0)
if err != nil {
return nil
}
contents, err := ioutil.ReadFile(path)
if err != nil {
return err
}
obfuscator := &stringObfuscator{Contents: contents}
for _, decl := range file.Decls {
ast.Walk(obfuscator, decl)
}
newCode, err := obfuscator.Obfuscate()
if err != nil {
return err
}
return ioutil.WriteFile(path, newCode, 0755)
})
}
type stringObfuscator struct {
Contents []byte
Nodes []*ast.BasicLit
}
func (s *stringObfuscator) Visit(n ast.Node) ast.Visitor {
if lit, ok := n.(*ast.BasicLit); ok {
if lit.Kind == token.STRING {
s.Nodes = append(s.Nodes, lit)
}
return nil
} else if decl, ok := n.(*ast.GenDecl); ok {
if decl.Tok == token.CONST || decl.Tok == token.IMPORT {
return nil
}
} else if _, ok := n.(*ast.StructType); ok {
// Avoid messing with annotation strings.
return nil
}
return s
}
func (s *stringObfuscator) Obfuscate() ([]byte, error) {
sort.Sort(s)
parsed := make([]string, s.Len())
for i, n := range s.Nodes {
var err error
parsed[i], err = strconv.Unquote(n.Value)
if err != nil {
return nil, err
}
}
var lastIndex int
var result bytes.Buffer
data := s.Contents
for i, node := range s.Nodes {
strVal := parsed[i]
if strings.HasPrefix(strVal, canaryPrefix) {
startIdx := node.Pos() - 1
endIdx := node.End() - 1
result.Write(data[lastIndex:startIdx])
canary := fmt.Sprintf("\"http://%s\"", strVal[len(canaryPrefix):])
result.Write([]byte(canary))
lastIndex = int(endIdx)
} else {
startIdx := node.Pos() - 1
endIdx := node.End() - 1
result.Write(data[lastIndex:startIdx])
result.Write(obfuscatedStringCode(strVal))
lastIndex = int(endIdx)
}
}
result.Write(data[lastIndex:])
return result.Bytes(), nil
}
func (s *stringObfuscator) Len() int {
return len(s.Nodes)
}
func (s *stringObfuscator) Swap(i, j int) {
s.Nodes[i], s.Nodes[j] = s.Nodes[j], s.Nodes[i]
}
func (s *stringObfuscator) Less(i, j int) bool {
return s.Nodes[i].Pos() < s.Nodes[j].Pos()
}
func obfuscatedStringCode(str string) []byte {
index := insecureRand.Intn(len(defaultStrObfuscationCodeGens))
return defaultStrObfuscationCodeGens[index](str)
}