<a href="https://colab.research.google.com/github/ericyoc/obfuscation_techniques_demo/blob/main/obfuscaton_techniques_demo.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [1]:
import random
import base64
import zlib
import ssl
from prettytable import PrettyTable

In [2]:
# Original message
def get_message():
    return "The secret meeting is at 10:00 AM tomorrow."

In [3]:
# 1. Name Obfuscation
def obfuscate_name(message):
    obfuscated_message = ""
    for char in message:
        if char.isalpha():
            obfuscated_message += chr(ord(char) + 1)
        else:
            obfuscated_message += char
    return obfuscated_message

In [4]:
def deobfuscate_name(obfuscated_message):
    deobfuscated_message = ""
    for char in obfuscated_message:
        if char.isalpha():
            deobfuscated_message += chr(ord(char) - 1)
        else:
            deobfuscated_message += char
    return deobfuscated_message

In [5]:
# 2. Control Flow Obfuscation
def obfuscate_message(message):
    obfuscated = ""
    for i in range(len(message)):
        if i % 2 == 0:
            obfuscated += chr(ord(message[i]) + 1)
        else:
            obfuscated += chr(ord(message[i]) - 1)
    return obfuscated

In [6]:
def deobfuscate_message(obfuscated):
    message = ""
    for i in range(len(obfuscated)):
        if i % 2 == 0:
            message += chr(ord(obfuscated[i]) - 1)
        else:
            message += chr(ord(obfuscated[i]) + 1)
    return message

In [7]:
# 3. String Encryption
def encrypt_string(message):
    return base64.b64encode(message.encode('utf-8')).decode('utf-8')

def decrypt_string(encrypted_text):
    return base64.b64decode(encrypted_text).decode('utf-8')

In [8]:
# 4. Packing/Compression
def compress_message(message):
    return base64.b64encode(zlib.compress(message.encode('utf-8'))).decode('utf-8')

def decompress_message(compressed_message):
    return zlib.decompress(base64.b64decode(compressed_message)).decode('utf-8')

In [27]:
# 5. Virtualization/Interpretation
def obfuscate_message_virtualization(message):
    obfuscated_message = ""
    for char in message:
        obfuscated_message += chr(ord(char) + 1)
    return obfuscated_message

def deobfuscate_message_virtualization(obfuscated_message):
    deobfuscated_message = ""
    for char in obfuscated_message:
        deobfuscated_message += chr(ord(char) - 1)
    return deobfuscated_message

def interpret_message(obfuscated_message):
    interpreted_message = deobfuscate_message_virtualization(obfuscated_message)
    return interpreted_message

In [10]:
# 6. Junk Code Insertion
def add_junk_code(message):
    obfuscated_message = ""
    for char in message:
        obfuscated_message += char + "".join(random.choices("abcdefghijklmnopqrstuvwxyz", k=random.randint(1, 3)))
    return obfuscated_message

def remove_junk_code(obfuscated_message):
    deobfuscated_message = ""
    i = 0
    while i < len(obfuscated_message):
        deobfuscated_message += obfuscated_message[i]
        i += random.randint(2, 4)
    return deobfuscated_message

In [11]:
# 7. Opaque Predicates
def complex_condition(x):
    return (x * (x + 1)) % 2 == 0

def obfuscate_message_opaque(message):
    obfuscated_message = ""
    for char in message:
        if complex_condition(ord(char)):
            obfuscated_message += chr(ord(char) + 1)
        else:
            obfuscated_message += chr(ord(char) - 1)
    return obfuscated_message

def deobfuscate_message_opaque(obfuscated_message):
    deobfuscated_message = ""
    for char in obfuscated_message:
        if complex_condition(ord(char)):
            deobfuscated_message += chr(ord(char) - 1)
        else:
            deobfuscated_message += chr(ord(char) + 1)
    return deobfuscated_message


In [12]:
# 8. Self-Modifying Code
def get_message_self_modifying():
    return "The secret meeting is at 10:00 AM tomorrow."

def modify_code():
    code = '''
def get_message_self_modifying():
    return "The secret meeting is at 10:00 AM tomorrow."
'''
    modified_code = code.replace('The secret meeting is at 10:00 AM tomorrow.', 'The confidential gathering will take place at noon today.')
    exec(modified_code, globals())

def restore_code():
    code = '''
def get_message_self_modifying():
    return "The secret meeting is at 10:00 AM tomorrow."
'''
    exec(code, globals())

In [30]:
def create_comparison_table(alice_message, eve_message, bob_message):
    table = PrettyTable()
    table.field_names = ["Perspective", "Message"]
    table.align["Perspective"] = "l"
    table.align["Message"] = "l"

    table.add_row(["Alice (Sender)", alice_message])
    table.add_row(["Eve (Eavesdropper)", f"\033[1m{eve_message}\033[0m"])
    table.add_row(["Bob (Receiver)", bob_message])

    return table

In [31]:
def create_obfuscation_techniques_table():
    table = PrettyTable()
    table.field_names = ["Obfuscation Technique", "Description", "Anti-Analysis Strengths", "Reason for Use"]
    table.align["Obfuscation Technique"] = "l"
    table.align["Description"] = "l"
    table.align["Anti-Analysis Strengths"] = "l"
    table.align["Reason for Use"] = "l"

    table.add_row(["Name Obfuscation", "Renaming variables, functions, and classes to meaningless names",
                   "Makes code harder to understand and follow", "Protects intellectual property and deters reverse engineering"])
    table.add_row(["Control Flow Obfuscation", "Modifying control flow with dummy code, opaque predicates, jump tables, etc.",
                   "Makes logic harder to follow and analyze", "Protects proprietary algorithms and hinders reverse engineering"])
    table.add_row(["String Encryption", "Encrypting string literals and decrypting at runtime",
                   "Hides sensitive strings and messages", "Protects sensitive data and evades string-based analysis"])
    table.add_row(["Packing/Compression", "Compressing code and data into a packed format and decompressing at runtime",
                   "Hinders static analysis and reverse engineering", "Protects intellectual property and reduces file size"])
    table.add_row(["Virtualization/Interpretation", "Converting code to bytecode for a custom virtual machine or interpreter",
                   "Makes static analysis more difficult and hinders debugging", "Protects proprietary algorithms and deters reverse engineering"])
    table.add_row(["Junk Code Insertion", "Adding non-functional code that doesn't affect the logic",
                   "Makes analysis harder and increases complexity", "Hinders reverse engineering and deters tampering"])
    table.add_row(["Opaque Predicates", "Adding complex conditionals that always evaluate to the same value",
                   "Makes static analysis difficult and hinders understanding", "Protects proprietary algorithms and deters reverse engineering"])
    table.add_row(["Self-Modifying Code", "Having the program modify its own instructions at runtime",
                   "Thwarts static analysis and complicates debugging", "Hinders reverse engineering and evades static analysis-based detection"])

    return table

In [28]:
def main():
    message = get_message()

    # 1. Name Obfuscation
    obfuscated_message = obfuscate_name(message)
    deobfuscated_message = deobfuscate_name(obfuscated_message)
    print("\n1. Name Obfuscation:")
    print(create_comparison_table(message, obfuscated_message, deobfuscated_message))

    # 2. Control Flow Obfuscation
    obfuscated_message = obfuscate_message(message)
    deobfuscated_message = deobfuscate_message(obfuscated_message)
    print("\n2. Control Flow Obfuscation:")
    print(create_comparison_table(message, obfuscated_message, deobfuscated_message))

    # 3. String Encryption
    encrypted_message = encrypt_string(message)
    decrypted_message = decrypt_string(encrypted_message)
    print("\n3. String Encryption:")
    print(create_comparison_table(message, encrypted_message, decrypted_message))

    # 4. Packing/Compression
    compressed_message = compress_message(message)
    decompressed_message = decompress_message(compressed_message)
    print("\n4. Packing/Compression:")
    print(create_comparison_table(message, compressed_message, decompressed_message))

    # 5. Virtualization/Interpretation
    obfuscated_message = obfuscate_message_virtualization(message)
    interpreted_message = interpret_message(obfuscated_message)
    print("\n5. Virtualization/Interpretation:")
    print(create_comparison_table(message, obfuscated_message, interpreted_message))

    # 6. Junk Code Insertion
    obfuscated_message = add_junk_code(message)
    deobfuscated_message = remove_junk_code(obfuscated_message)
    print("\n6. Junk Code Insertion:")
    print(create_comparison_table(message, obfuscated_message, message))

    # 7. Opaque Predicates
    obfuscated_message = obfuscate_message_opaque(message)
    deobfuscated_message = deobfuscate_message_opaque(obfuscated_message)
    print("\n7. Opaque Predicates:")
    print(create_comparison_table(message, obfuscated_message, deobfuscated_message))

    # 8. Self-Modifying Code
    original_message = get_message_self_modifying()
    modify_code()
    modified_message = get_message_self_modifying()
    restore_code()
    restored_message = get_message_self_modifying()
    print("\n8. Self-Modifying Code:")
    print(create_comparison_table(message, modified_message, restored_message))

    # Create and print the final comparison table
    print("\nMessage Comparison Table:")
    final_table = create_comparison_table("Orignal message", "Obfuscated/Encrypted message", "Deobfuscated/Decrypted message")
    print(final_table)

    # Create and print the obfuscation techniques table
    print("\nObfuscation Techniques Table:")
    techniques_table = create_obfuscation_techniques_table()
    print(techniques_table)

In [32]:
if __name__ == "__main__":
    main()


1. Name Obfuscation:
+--------------------+---------------------------------------------+
| Perspective        | Message                                     |
+--------------------+---------------------------------------------+
| Alice (Sender)     | The secret meeting is at 10:00 AM tomorrow. |
| Eve (Eavesdropper) | [1mUif tfdsfu nffujoh jt bu 10:00 BN upnpsspx.[0m |
| Bob (Receiver)     | The secret meeting is at 10:00 AM tomorrow. |
+--------------------+---------------------------------------------+

2. Control Flow Obfuscation:
+--------------------+---------------------------------------------+
| Perspective        | Message                                     |
+--------------------+---------------------------------------------+
| Alice (Sender)     | The secret meeting is at 10:00 AM tomorrow. |
| Eve (Eavesdropper) | [1mUgftddqfs!lfduhof!htbs!0191/!@Nunnnsqpv/[0m                                             |
| Bob (Receiver)     | The secret meeting is at 10:00 AM tom