Permalink
Cannot retrieve contributors at this time
Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign up
Fetching contributors…
Cannot retrieve contributors at this time
| # The XORfuscator post-processor - translates M/o/Vfuscated C into only | |
| # xor instructions. | |
| # This is a post-processing routine that can be run on assembly output from the | |
| # M/o/Vfuscator. It converts the M/o/Vfuscator's mov instructions into an | |
| # alternative set of minimalistic instructions. | |
| # To use: | |
| # movcc example.c -S | |
| # python this.py example.s | |
| # as --32 example.s -o example.o | |
| # movcc example.o | |
| # Note that the final linking step above will add the M/o/Vfuscator crt | |
| # libraries; you may wish to run these libraries through this same script, to | |
| # ensure the entire executable is converted. See the M/o/Vfuscator build script | |
| # for an example of building the crt libraries. | |
| import sys | |
| with open(sys.argv[1]) as f: | |
| asm = f.readlines() | |
| asm = [l.replace('ebx', 'esi') for l in asm] | |
| with open(sys.argv[1], 'w') as f: | |
| for l in asm: | |
| if l.startswith("mov"): | |
| f.write("#xor> " + l) | |
| tok = l.find(",", l.find(")")) | |
| if tok == -1: | |
| tok = l.find(",") | |
| source = l[l.index(" "):tok].strip() | |
| dest = l[tok+1:].strip() | |
| if l.startswith("movb"): | |
| s = "b" | |
| reg = "%bl" | |
| elif l.startswith("movw"): | |
| s = "w" | |
| reg = "%bx" | |
| elif l.startswith("movl"): | |
| s = "l" | |
| reg = "%ebx" | |
| f.write("xor%s %s, %s\n" % (s, reg, reg)) | |
| f.write("xor%s %s, %s\n" % (s, source, reg)) | |
| f.write("xor%s %s, %s\n" % (s, dest, reg)) | |
| f.write("xor%s %s, %s\n" % (s, reg, dest)) | |
| else: | |
| f.write(l) | |