README
¶
Sliver / gobfuscate
This directory contains a highly modified version of gobfuscate, it's been modified to work with the Sliver build process.
It also contains a modified version of the https://github.com/golang/tools/refactor/rename tool, it has been modified to log messages instead of writing them stdout, ignore "DO NOT EDIT" tags, and a few other tweaks.
gobfuscate
When you compile a Go binary, it contains a lot of information about your source code: field names, strings, package paths, etc. If you want to ship a binary without leaking this kind of information, what are you to do?
With gobfuscate, you can compile a Go binary from obfuscated source code. This makes a lot of information difficult or impossible to decipher from the binary.
What it does
Currently, gobfuscate manipulates package names, global variable and function names, type names, method names, and strings.
Package name obfuscation
When gobfuscate builds your program, it constructs a copy of a subset of your GOPATH. It then refactors this GOPATH by encrypting package names and paths. As a result, a package like "github.com/unixpickle/deleteme" becomes something like "jiikegpkifenppiphdhi/igijfdokiaecdkihheha/jhiofoppieegdaif". This helps get rid of things like Github usernames from the executable.
Limitation: currently, packages which use CGO cannot be renamed. I suspect this is due to a bug in Go's refactoring API.
Global names
Gobfuscate encrypts the names of global vars, consts, and funcs. It also encrypts the names of any newly-defined types.
Due to restrictions in the refactoring API, this does not work for packages which contain assembly files or use CGO. It also does not work for names which appear multiple times because of build constraints.
Struct methods
Gobfuscate encrypts the names of most struct methods. However, it does not rename methods whose names match methods of any imported interfaces. This is mostly due to internal constraints from the refactoring engine. Theoretically, most interfaces could be obfuscated as well (except for those in the standard library).
Due to restrictions in the refactoring API, this does not work for packages which contain assembly files or use CGO. It also does not work for names which appear multiple times because of build constraints.
Strings
Strings are obfuscated by replacing them with functions. A string will be turned into an expression like the following:
(func() string {
mask := []byte{33, 15, 199}
maskedStr := []byte{73, 106, 190}
res := make([]byte, 3)
for i, m := range mask {
res[i] = m ^ maskedStr[i]
}
return string(res)
}())
Since const declarations cannot include function calls, gobfuscate tries to change any const strings into vars. It works for declarations like any of the following:
const MyStr = "hello"
const MyStr1 = MyStr + "yoyo"
const MyStr2 = MyStr + (MyStr1 + "hello1")
const (
MyStr3 = "hey there"
MyStr4 = MyStr1 + "yo"
)
However, it does not work for mixed const/int blocks:
const (
MyStr = "hey there"
MyNum = 3
)
License
This is under a BSD 2-clause license. See LICENSE.
Documentation
¶
Index ¶
- Constants
- Variables
- func CopyGopath(ctx build.Context, packageName string, newGopath string, keepTests bool) bool
- func Gobfuscate(config gogo.GoConfig, encKey string, pkgName string, outPath string, ...) (string, error)
- func MovePackage(ctxt *build.Context, from, to, moveTmpl string) error
- func ObfuscatePackageNames(ctx build.Context, gopath string, enc *Encrypter) error
- func ObfuscateStrings(gopath string) error
- func ObfuscateSymbols(ctx build.Context, gopath string, enc *Encrypter) error
- func Rename(ctxt *build.Context, offsetFlag, fromFlag, to string) error
- type Encrypter
Constants ¶
const GoExtension = ".go"
GoExtension - Go src code file extension
Variables ¶
var ( // Force enables patching of the source files even if conflicts were reported. // The resulting program may be ill-formed. // It may even cause gorename to crash. TODO(adonovan): fix that. Force = true // This ensure we ignore any "DO NOT EDIT"s // Diff causes the tool to display diffs instead of rewriting files. Diff bool // DiffCmd specifies the diff command used by the -d feature. // (The command must accept a -u flag and two filename arguments.) DiffCmd = "diff" // ConflictError is returned by Main when it aborts the renaming due to conflicts. // (It is distinguished because the interesting errors are the conflicts themselves.) ConflictError = errors.New("renaming aborted due to conflicts") // Verbose enables extra logging. Verbose bool )
IgnoreMethods - Methods to skip when obfuscating
var SkipRenames = map[string]bool{ "_": true, "int32ptr": true, "atomicLock": true, "grow": true, }
SkipRenames - Skip renaming these symbols
Functions ¶
func CopyGopath ¶
CopyGopath - Creates a new Gopath with a copy of a package and all of its dependencies.
func Gobfuscate ¶
func Gobfuscate(config gogo.GoConfig, encKey string, pkgName string, outPath string, symbols bool) (string, error)
Gobfuscate - Obfuscate Go code
func MovePackage ¶
Move, given a package path and a destination package path, will try to move the given package to the new path. The Move function will first check for any conflicts preventing the move, such as a package already existing at the destination package path. If the move can proceed, it builds an import graph to find all imports of the packages whose paths need to be renamed. This includes uses of the subpackages of the package to be moved as those packages will also need to be moved. It then renames all imports to point to the new paths, and then moves the packages to their new paths.
func ObfuscatePackageNames ¶
ObfuscatePackageNames - Obfuscate package names
func ObfuscateStrings ¶
ObfuscateStrings - Obfuscate strings in a given gopath, skips canaries
func ObfuscateSymbols ¶
ObfuscateSymbols - Obfuscate binary symbols
Source Files
Directories