Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hikari Rust obfuscation (docker) is visual only #3

Closed
sa6ta6ni6c opened this issue Dec 16, 2023 · 4 comments
Closed

Hikari Rust obfuscation (docker) is visual only #3

sa6ta6ni6c opened this issue Dec 16, 2023 · 4 comments

Comments

@sa6ta6ni6c
Copy link

sa6ta6ni6c commented Dec 16, 2023
edited
Loading

Hello! I was able to install OLLVM (Hikari) using docker on Ubuntu 22.04 machine. Installation went smooth, but it seems that although hikari outputs the build is obfuscated successfully, upon review in IDA it seems not. Used allobf.

CMD:

RUSTCFLAGS="-Cllvm-args=-enable-allobf" cargo +ollvm-rust-1.70.0 build --release --target x86_64-pc-windows-gnu

Interestingly, file size was almost unchanged:

2.086.400 bytes No Hikari
2.098.176 bytes Hikari

Without hikari:

image

With hikari:

image

Hikari output at the end:

Doing Post-Run Cleanup
Hikari Out
Spend Time: 0.0077369s
std::mt19937_64 seeded with current timestamp: 1702740763666
Initializing Hikari Core with Revision ID:2b9c52f66815bb8d6ea74a4b26df3410602be9b0
Running Hikari On magnolia_endpoint.f67844fb-cgu.12
Doing Post-Run Cleanup
Hikari Out
Spend Time: 0.0044720s
std::mt19937_64 seeded with current timestamp: 1702740763680
Initializing Hikari Core with Revision ID:2b9c52f66815bb8d6ea74a4b26df3410602be9b0
Running Hikari On magnolia_endpoint.f67844fb-cgu.5
Doing Post-Run Cleanup
Hikari Out
Spend Time: 0.0045967s
std::mt19937_64 seeded with current timestamp: 1702740763696
Initializing Hikari Core with Revision ID:2b9c52f66815bb8d6ea74a4b26df3410602be9b0
Running Hikari On magnolia_endpoint.f67844fb-cgu.3
Doing Post-Run Cleanup
Hikari Out
Spend Time: 0.0027835s
Finished release [optimized] target(s) in 1m 03s
@sa6ta6ni6c sa6ta6ni6c changed the title Hikari Rust obfuscation using docker is visual only Hikari Rust obfuscation (docker) is visual only Dec 16, 2023
@joaovarelas
Copy link
Owner

joaovarelas commented Dec 16, 2023 via email

@sa6ta6ni6c
Copy link
Author

Solved. Thank you.

@joaovarelas
Copy link
Owner

joaovarelas commented Dec 19, 2023 via email

@sa6ta6ni6c
Copy link
Author

Hi @sa6ta6ni6c good to know. How did you solve the issue? Thanks

On Tue, Dec 19, 2023, 15:39 sa6ta6ni6c @.***> wrote:

Solved. Thank you.

Reply to this email directly, view it on GitHub

#3 (comment),

or unsubscribe

https://github.com/notifications/unsubscribe-auth/ABREHBN6RSR3JSI7GNJHZZ3YKGYJJAVCNFSM6AAAAABAXX7ZASVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNRTGAYDANZVGQ

.

You are receiving this because you commented.Message ID:

@.***>

New build command works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joaovarelas @sa6ta6ni6c