03-JoP-Mar-07
Published by sgganesh
Copyright: All rights reserved
106 MARCH 2007 | LINUX FOR YOU | www.linuxforu.com
Compile this program and run it by giving your name as the argument. Now find out how the program works:
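#include <stdio.h>
/* implicit-int main: build in C89 mode, e.g. gcc -std=gnu89; the trailing 0 terminates b for %s */
main(int i, char*a[]){char b[]={0x48,0x61,0x70,0x70,0x79,0x20,
0x62,0x69,0x72,0x74,0x68,0x64,0x61,0x79,0x20,0x74,0x6f,0x20,0x79,0x6f,
0x75,0x0a,0};while(i+2) printf((!i--)?"%.15sdear %s\n":"%s",b,1[a]);}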
Given your name, say, Bala, it wishes you happy birthday:
Happy birthday to you
Happy birthday to you
Happy birthday, dear Bala
Happy birthday to you
That’s nice, isn’t it!
Instead of starting by dissecting the given obfuscated
program, let me start from the original program and
explain how one can arrive at the obfuscated code
(because that’s the way almost all obfuscated programs are
written).
Here is the original program:
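#include <stdio.h>
#include <string.h>
const char * str = "Happy birthday to you\n";
int main(){
char name[50]; /* not const: it is written to below */
/* fgets bounds the read to the buffer; gets() cannot and overflows on long input */
if (!fgets(name, sizeof name, stdin)) return 1;
name[strcspn(name, "\n")] = '\0'; /* drop the trailing newline */
printf("%s%s%.15sdear %s\n%s", str, str, str, name, str);
return 0;
}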
The idea is to print the string “Happy birthday to you\n” four times in the printf function. However, for the third string, after printing “Happy birthday”, the name that is given by the user has to be printed. For that, the format string %.15s prints the first 15 characters of the string str and with the following %s, the given name is printed.
S.G. Ganesh is an engineer in Hewlett-Packard’s C++ compiler team. He has authored a book “Deep C” (ISBN 817656-501-6). He is also a member of the ANSI/ISO C++ Standardization Committee (JTC1/SC22/WG21). You can reach him at sgganesh@gmail.com.

Now, let’s make the program a little more compact by moving the comparison inside the printf function. Also, to avoid reading input at run time, let the user give the name from the command line:
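#include <stdio.h>
const char * str = "Happy birthday to you\n";
int main(int argc, char *argv[]){
int i;
if (argc < 2) return 1; /* argv[1] is NULL without an argument */
/* i==2 selects the third line, which carries the name */
for(i=0; i<4; i++) printf((i==2) ? "%.15sdear %s \n" :
"%s", str, argv[1]);
return 0;
}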
This is readable; now how can we make it a little illegible? The string “Happy birthday to you\n” is readable, so convert it into hexadecimal (in UNIX, you can probably use the octal dump tool, od, with the argument -x to print the hexadecimal values). The expression a[1] is equivalent to 1[a], so use the latter; move i++ into the comparison expression i++<4 and change the condition in printf to (i == 3). Proper white space and new-lines are evil for unreadable code; so, don’t even leave a single space. A for loop is somewhat predictable, so replace it with a while loop, making use of the fact that the argc value is 2 when the program is run with an argument. Remove the return type of main...
It’s possible to obfuscate more, but for the
purpose of explaining the process, this will do.
Now, read the code given in the beginning of this
article and you can understand how it works!
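The following is an added example, not code from the original column: it runs the readable for loop and the obfuscated countdown side by side into bounded buffers, so the two forms can be compared byte for byte. The names emit, render_plain, render_obfuscated and hex_str are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Added illustration; emit, render_* and hex_str are hypothetical names. */
/* "Happy birthday to you\n" as hex bytes, plus the NUL that %s relies on. */
static const char hex_str[] = {0x48,0x61,0x70,0x70,0x79,0x20,0x62,0x69,0x72,
    0x74,0x68,0x64,0x61,0x79,0x20,0x74,0x6f,0x20,0x79,0x6f,0x75,0x0a,0};

/* Append one line to out, never writing past cap; returns the new length. */
static size_t emit(char *out, size_t cap, size_t len, int with_name,
                   const char *s, const char *name) {
    int n;
    if (len >= cap) return len;
    n = with_name ? snprintf(out + len, cap - len, "%.15sdear %s\n", s, name)
                  : snprintf(out + len, cap - len, "%s", s);
    if (n < 0) return len;
    return ((size_t)n < cap - len) ? len + (size_t)n : cap - 1; /* truncated */
}

/* Readable form: for loop, string literal, argv[1]. */
size_t render_plain(int argc, char **argv, char *out, size_t cap) {
    size_t len = 0;
    int i;
    if (cap == 0) return 0;
    out[0] = '\0';
    if (argc < 2) return 0;            /* argv[1] would be NULL */
    for (i = 0; i < 4; i++)
        len = emit(out, cap, len, i == 2, "Happy birthday to you\n", argv[1]);
    return len;
}

/* Obfuscated control flow: argc counts down 2, 1, 0, -1 and stops at -2. */
size_t render_obfuscated(int i, char **a, char *out, size_t cap) {
    size_t len = 0;
    if (cap == 0) return 0;
    out[0] = '\0';
    if (i != 2) return 0;              /* the countdown assumes argc == 2 */
    while (i + 2)                      /* !i-- is 1 only on the pass where i == 0 */
        len = emit(out, cap, len, !i--, hex_str, 1[a]);
    return len;
}

int main(int argc, char **argv) {
    char p[128], q[128];
    render_plain(argc, argv, p, sizeof p);
    render_obfuscated(argc, argv, q, sizeof q);
    fputs(q, stdout);
    return strcmp(p, q) != 0;          /* exit 0 when both forms agree */
}
```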
GUEST COLUMN
The Joy of Programming
Obfuscating C Code
How ‘C’mart Are You?
S.G. GANESH
Wikipedia defines ‘obfuscation’ as the concept of concealing the meaning of communication by making it more confusing and harder to interpret. For programmers, C is a language of choice for writing obfuscated code for fun (mostly because of its curt syntax). This column covers one such very simple C program and its obfuscated version to help beginners and novices understand the process of writing and interpreting such programs.