Update V1.2.8 (October 12, 2019)
1. Added the function of exporting confused mapping list to facilitate search and comparison;
2. Fix the Bug that the page cannot be closed after UUID reading is completed;
3. Fix the Bug that the project cannot be opened due to UUID creation error;
4. Fix the Bug of failed acquisition of development language;
5. Fix Swift junk code property field not initialized;
6. Optimize the reading rules of the obfuscation thesaurus to prevent the same initial letters in a large area of combinative words;
7. Optimize the project name confusion mechanism so that the confused name is no longer confused with the original project name;
Updated instructions
Gitee.com/zfj1128/ZFJ…
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — line — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
preface
Today I want to talk about iOS code obfuscation, why do you want to do code obfuscation? For the security of APP, in order to prevent others from cracking our code easily; There is to do the vest bag, we know that the market demand for vest bag is great, but can not spend too much energy in the development, after all, it is only a vest, there is no need to spend too much cost!
Obfuscation tools
Online search, open source and free confusion are reprinted in the confusion method of The sh script of The big sister, or on the basis of the script of the second development, we know that the blog of the new Read was written in 2014, at that time I just do iOS π€, and at that time the Audit in China is not so strict, If you still use that method of obfuscation now, you will definitely receive apple’s 2.3.1 gift package π€, so let’s explore other obfuscation methods instead of digging graves!
ZFJObsLib is an obfuscation tool written primarily in Python, Specific function have confused confused methods, properties, and the name of the class confusion, adding junk code, automatically create garbage, remove the comments and modify a resource file Hash value, encrypted string resource name, renovation, simulated artificial confused, confused confused file name, file directory, confused confused word library, logging and mapping list, sensitive word filtration, image compression, the crawler service, modify the project name The UUID of the renovation project is as follows:
Software interface
ZFJObsLib obfuscation tool fully supports OC projects, SWIFT projects and U3D projects!! π π π
1. Download address:
Gitee:gitee.com/zfj1128/ZFJ…
GitHub:github.com/zfjsyqk/ZFJ…
2. Teaching video:
Link: pan.baidu.com/s/1pqUkgU8Y… Password: 9 SSL
The main interface of ZFJObsLib software is as follows:
Began to confusion
import addRubbishCode as addCode
import cunfusionObjName as conObjN
import confusionFun as conFunc
import cunfusionProperty as conPro
import confusionLog as conLog
import deleteNotes as delNot
import updateSourceHash as updHash
import encryptString as encStr
import sourceName as soName
import missFolder
from singletonModel import ZFJPersoninfo
def start_fun(file_dir, funMap = {}):
personinfo = ZFJPersoninfo()
personinfo.isMissing = True
if len(file_dir) == 0:
return
if int(funMap['property') > 0:# obfuscate attributes
conLog.tips(The '*' * 30 + 'Fun: Start confusing properties' + The '*' * 30)
conPro.startConfusionPro(file_dir)
if int(funMap['funName') > 0:# Obfuscation methods
conLog.tips(The '*' * 30 + 'Fun: Start confusing methods' + The '*' * 30)
conFunc.startConfusionFun(file_dir)
if int(funMap['objName') > 0:# obfuscate the class name
conLog.tips(The '*' * 30 + 'Fun: Start confusing class names' + The '*' * 30)
prefix = funMap['funNamePrefix'].replace('0'.' ') #- Add the class name prefix
personinfo.prefix = prefix # prefix is stored in simple interest
fixObjName = funMap['fixObjName'] #- Automatically fixes class names referenced in filter folders
conObjN.startObfuscatedObjName(file_dir, prefix)
if int(funMap['souHashKey') > 0:Change the hash value of the resource file
conLog.tips(The '*' * 30 + 'Fun: Modify resource HASH ' + The '*' * 30)
updHash.startUpdateSourceHash(file_dir)
if int(funMap['upSouName') > 0:Update the resource file name
conLog.tips(The '*' * 30 + 'Fun: Update resource filename ' + The '*' * 30)
soName.startSourceName(file_dir)
if int(funMap['encryStr') > 0:# Encrypt plaintext string
conLog.tips(The '*' * 30 + 'Fun: Encrypted plaintext String ' + The '*' * 30)
encStr.startEncryptStr(file_dir)
if int(funMap['rubbishCode') > 0:# junk code
conLog.tips(The '*' * 30 + 'Fun: Add junk code ' + The '*' * 30)
amount = int(funMap['rubbishLine']) # - Add line number
addCode.startAddRubbishCode(file_dir, amount)
if int(funMap['deleteNotes') > 0:Obfuscate or delete comments
conLog.tips(The '*' * 30 + 'Fun: Start removing comments' + The '*' * 30)
delNot.startDeleteNotes(file_dir)
if int(funMap['missFolder') > 0:# obfuscate folder names
conLog.tips(The '*' * 30 + 'Fun: Start confusing folder names' + The '*' * 30)
missFolder.startMissFolder(file_dir)
conLog.tips(The '*' * 30 + 'End: End of confusion ' + The '*' * 30)
personinfo.isMissing = False
Copy the codeConfuse the log
ZFJ obfuscated log.log is automatically generated by import Logging, which is convenient for developers to modify some errors:
Ignore the path
We don’t have to confuse all of them, especially third-party libraries, or pods-managed third-party libraries; After all, the more confusion there is, the more problems there will be, so I added the obfuscation ignore file π, as shown below:
import confusionLog as conLog
ignore_Files = ['/Pods/'.'/Vendor/'.'/LIB/'.'/Util/']
conLog.tips('Ignored path ===' + str(ignore_Files))
# check whether the folder is ignored
def isIgnoreFiles(tmp_path):
# if '+' in tmp_path:
# return True
for item in ignore_Files:
if item in tmp_path:
return True
return False
Copy the codealiasing
βοΈβοΈβοΈZFJObsLib has many functions, you can choose according to their own actual use situation! β οΈ β οΈ β οΈ
1. Method confusion
2. Attribute confusion
3. Confusion of class names
4. Add junk code
The invocation and implementation of junk code
5. Create garbage classes
Detailed see: π the Python – ZFJObsLib perfect generating code iOS garbage zfj1128.blog.csdn.net/article/det…
6. Delete comments
7. Filter for sensitive words
8. Modify the Hash value
For the resource files in the project, we can modify the Hash to obfuscate them as follows:
πTips: Ignored paths === ['/Pods/'.'/Vendor/'.'/LIB/'.'/Util/'[UPdHash OK]] π Infor: /Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets.xcassets/MainWeb_Back_Icon.imageset/fanhui-4.png Old π Infor: [UPdHash Meg] : dd03889c2e8647b9377d08775333557ff11425dd < - > New: 4 a72c7b640882ae436b18868aa021331169db3fa π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 60 PNG Old π Infor: [UPdHash Meg] : 2 d73347848d7168c09c48efe28a7ac5a9ec7411b < - > New: 551483123 b5cc2c4c5ff2f5bf876db0d075261a1 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 58. PNG Old π Infor: [UPdHash Meg] : c0c671fe3707bca8c5accdcadd8aa9f4f1f2726c < - > New: d022db1c1f99c263b69bc09c09bc52dd1fa97fb5 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon appiconset / 120-1. PNG Old π Infor: [UPdHash Meg] : 5 a6a7ec42d7489be18888828c1a9caba0da688ca < - > New: 8 bbddfbbbed9023e4537e9e6caeed79c88ef8955 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 120 PNG Old π Infor: [UPdHash Meg] : 5 a6a7ec42d7489be18888828c1a9caba0da688ca < - > New: dcc4b47092bca1d6a6bb6d7bd671a0ef7ce2f4da π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 180 PNG Old π Infor: [UPdHash Meg] : fee9220dbba52040517a0f77ffe8335e9300a64b < - > New: d28a9118e1cf4a2ce9fc2805184 ad42e20500c95 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon appiconset/GUEG_ICON PNG π Infor: [UPdHash Meg] Old: 07 ed6c66ec7d5550bfa1e32b4848687417027c90 < - > New: fb780d87591cc86dd0fd24cdfa41e76a091ad657 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 80 PNG π Infor: [UPdHash Meg] Old:ca3b3f61fc4 c391515fe895d81360d15ec598049 < - > New: 769 ebf182fbb3a3fd69c46c3a595c1669c505f63 π Infor: [UPdHash OK] / Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets xcassets/AppIcon. Appiconset / 40. PNG π Infor: [UPdHash Meg] Old: 1 bb7908a2ba1295fa69ad476a81003f2f413a3a8 < - > New: 10793 e67b27cdf5ad1ee4b9d37aecc62074b8ffc π Infor: [UPdHash OK] /Users/zhangfujie/Desktop/Obfuscated/GUEG_MJ/GUEG/GUEG/Assets.xcassets/AppIcon.appiconset/87.png ...... And so on...Copy the code9. Encrypt the string
The code before compilation looks like this:
- (void)uiConfig{
ZFJView *zfjView = [[ZFJView alloc] initWithZFJ:@"ZFJ1128"];
zfjView.backgroundColor = [UIColor yellowColor];
zfjView.frame = CGRectMake(100, 100, 150, 150);
[zfjView setZFJViewTitleLab];
[zfjView setZFJViewTitleLab:@"aaaaaa"];
[zfjView setZFJViewTitleLab:@"aaa" efg:@"dscvdscsd"];
[zfjView setZFJViewTitleLab:@"ddscvsdv" efg:@"cdsvdfbdf" hijk:@"cdvsvbdsbdfgnfdhnhdg"];
[self.view addSubview:zfjView];
[ZFJView svdsvfdsvfdvbzdfb];
}
Copy the codeThe compiled code looks like this:
- (void)uiConfig{
ZFJView *zfjView = [[ZFJView alloc] initWithZFJ:ZFJ_NSSTRING(((char []) {240, 236, 224, 155, 155, 152, 146, 0}))];
zfjView.backgroundColor = [UIColor yellowColor];
zfjView.frame = CGRectMake(100, 100, 150, 150);
[zfjView setZFJViewTitleLab];
[zfjView setZFJViewTitleLab:ZFJ_NSSTRING(((char []) {203, 203, 203, 203, 203, 203, 0}))];
[zfjView setZFJViewTitleLab:ZFJ_NSSTRING(((char []) {203, 203, 203, 0})) efg:ZFJ_NSSTRING(((char []) {206, 217, 201, 220, 206, 217, 201, 217, 206, 0}))];
[zfjView setZFJViewTitleLab:ZFJ_NSSTRING(((char []) {206, 206, 217, 201, 220, 217, 206, 220, 0})) efg:ZFJ_NSSTRING(((char []) {201, 206, 217, 220, 206, 204, 200, 206, 204, 0})) hijk:ZFJ_NSSTRING(((char []) {201, 206, 220, 217, 220, 200, 206, 217, 200, 206, 204, 205, 196, 204, 206, 194, 196, 194, 206, 205, 0})]; [self.view addSubview:zfjView]; [ZFJView svdsvfdsvfdvbzdfb]; }Copy the codeThe Hopper comparison before and after crypto-obfuscation decompilation is as follows:
10. Update the resource name
Find and update image resources in the project, and then automatically replace references in the code.
11. Confusing the project catalog
12. Image compression tool
ZFJObsLib integrated image compression tool, support one click to generate iOS development three sets of ICONS, also support custom compression size, can also remove the Alpha channel, convert to RGB image mode; Implementation logic may refer to: zfj1128.blog.csdn.net/article/det… The details are as follows:
13. Crawler
The teaching video
Resources crawl: Link :pan.baidu.com/s/1xa9ruF_h… ZPG password: 1
Node crawl: link: pan.baidu.com/s/1ebWWYtjo… Password: cosa
Use the screenshot
14. Set obfuscation prefixes
Set confusion prefix, be sure to click save oh!! β οΈ β οΈ β οΈ
15. Resource cleansing tools
In the process of iOS project development, if the version iteration development time is relatively long, then after many versions of development or several people involved in development, there are inevitably some garbage resources in the project, unused but occupy the size of the API package!
Here I used Python scripts to find and delete unused images, audio, and video resources in the project. To achieve the purpose of reducing the size of the APP package!
Detailed see: π “Python – a key to find the iOS project did not use images, audio, video resources” zfj1128.blog.csdn.net/article/det…
16. Mix up your vocabulary
ZFJObsLib comes with over 200,000 dictionary words, so you don’t have to worry about code duplication. If you feel that the target of the dictionary words is not strong or meaningless, you can customize the dictionary. The following is the video for customizing the dictionary words:
17. Read the UUID function/Update the UUID function of the project
Since you don’t know Xcode’s UUID generation rules in detail, this feature is designed to read UUID from other projects. It is convenient to create garbage classes and modify UUID usage. In the process of confusion, if you use the function to create garbage classes and modify the UUID, it is recommended that you use this function to read the UUID of another project for more realistic purposes. The best way to use it is to create a new iOS project with Xcode, and then create a few classes or try, and then read the Xcodeproj of the new project to get the UUID. If the number of UUID used is greater than the number of UUID read, ZFJObsLib will use the UUID read first. When all the UUID read is used up, ZFJObsLib will automatically create its own UUID based on its own rules (not recommended)!
π recommend creating a project with Xcode yourself, creating a few more classes or trying to read! π
Refurbished UUID effect comparison diagram
Confuse the sample
This project is a swift project provided by a group of friends!
Author: ZFJ_ Zhang Fujie
Source: CSDN
Original text: zfj1128.blog.csdn.net/article/det… (First update)
Copyright notice: This article is the blogger’s original article, reprint please attach the blog link!