混淆方法壹: InstructionsSubstitution
[html]?view plain?copy
-mllvm?-sub:?activate?instructions?substitution?
-mllvm?-funcSUB="func1,func2,func3":?if?instructions?substitution?is?activated,?apply?it?only?on?functions?func1,?func2?and?func3?
-mllvm?-perSUB=20:?if?instructions?substitution?is?activated,?apply?it?with?a?probability?of?20%?on?each?function?
2. 混淆方法二: BogusControlFlow
[html]?view plain?copy
-mllvm?-bcf:?activates?the?bogus?control?flow?pass?
-mllvm?-funcBCF="func1,func2,func3":?if?the?pass?is?activated,?applies?it?only?on?functions?func1,?func2,?func3?
-mllvm?-perBCF=20:?if?the?pass?is?activated,?applies?it?on?all?functions?with?a?probability?of?20%.?Default:?100?
-mllvm?-boguscf-loop=3:?if?the?pass?is?activated,?applies?it?3?times?on?a?function.?Default:?1?
-mllvm?-boguscf-prob=40:?if?the?pass?is?activated,?a?basic?bloc?will?be?obfuscated?with?a?probability?of?40%.?Default:?30?
3. 混淆方法三: ControlFlow Flattening
[html]?view plain?copy
-mllvm?-fla:?activates?control?flow?flattening?
-mllvm?-funcFLA="func1,func2,func3":?if?control?flow?flattening?is?activated,?apply?it?only?on?functions?func1,?func2?and?func3?
-mllvm?-perFLA=20:?if?control?flow?flattening?is?activated,?apply?it?with?a?probability?of?20%?on?each?function?
4.?如何用開源 source code 編譯出混淆器O-LLVM ?
[cpp]?view plain?copy
$?git?clone?-b?llvm-3.5?/obfuscator-llvm/obfuscator.git?
$?mkdir?build?
$?cd?build?
$?cmake?-DCMAKE_BUILD_TYPE:String=Release?../obfuscator/?
$?make?-j5?
編譯後的結果只有bin 和 lib 是有用的,其余的都可以刪除: