Binary and source code obfuscation application for Windows

We need an application which will be used as a tool to perform the following tasks:

1. Binary obfuscation for executables and DLLs (Win32)

2. Binary obfuscation for executables and DLLs (DOT NET)

3. Binaty obfuscaiton for executables and DLLs (MIXED Win32 and DOT NET)

4. Source code obfuscaiton for Win32 or MFC C++ source code

5. Source code obfuscaiton for DOT NET source code

6. Source code obfuscation for MIXED (C++ and DOT NET) source code

Obfuscation needed for product with CLI, C++ and C# code. We are looking for the tool (with full source code). Not the service.

A MDI application (can be MFC).Each window openned can be given one of the following tasks:

1. Binary obfuscation for executables and DLLs (Win32)

2. Binary obfuscation for executables and DLLs (DOT NET)

3. Binaty obfuscaiton for executables and DLLs (MIXED Win32 and DOT NET)

4. Source code obfuscaiton for Win32 or MFC C++ source code

5. Source code obfuscaiton for DOT NET source code

6. Source code obfuscation for MIXED (C++ and DOT NET) source codePer each of these tasks, parameters are chosen among them:

1. Selection of source folder, where the file/s to obfuscate reside

2. Selection of destination folder, where the result/s will be placed

3. Other parameters required - TBD by [url removed, login to view] "Start" will perform the obfuscation, displaying the progress, output, messages and results.A batch mode will allow running this application as part of a batch file or a command line, such as executing it by another program.

For further reading about binary obfuscation, please refer to:-Cullen Linn and Saumya Debray. "Obfuscation of Executable Code to Improve Resistance to Static Disassembly." Proc. 10th. ACM Conference on Computer and Communications Security (CCS 2003), Oct. 2003, pp. 290-299. [PDF]-Igor Popov, Saumya Debray, and Gregory Andrews. "Binary Obfuscation Using Signals." Proc. Usenix Security '07, Aug. 2007, pp. 275-290. [PDF]

The DOT NET obfuscation should work similarely to products such as Dotfuscator.C++ (Win32) obfuscation should work similarely to [url removed, login to view] obfuscation tools.

Obfuscation of MIXED binary and source code is the challange here, and should be performed without decreasing [url removed, login to view] binary files should include strong encryption with a self extracting mechanism (transparent to the end user).Binary and source code obfuscation should include encryption (and on the fly decryption) of all strings which are part of the C++ / DOT NET solution.

• Supports native Win32 C++ applications

• Supports .NET applications

• protection against ILDASM and utilities using reflection APIs. It will crash ILDASM utility and Reflector from disassembling your .exe files.

• support for mixed images that contain both managed and unmanaged code.

• debug made easy, the obfuscated image can be used to replace the original for debuging purpose, since it contains the same symbolic info of exceptions and line numbers, etc., which is impossible to achieve using ildasm-ilasm round trip.

• extremely easy symol lookup by simply loading the original and obfuscated assemblies, no log file is ever required.

• Works on binary and source code files

• A MDI framework with the following views:

• Class View

• Meta Data

• PE Format

• Source Code

• Include an Add-In for Visual Studio

• is cross-platform product, it can be easily installed and used on Windows, Mac OS X, Linux, Solaris or any other Unix OS.

* Supports correct obfuscation of all preprocessor macros and conditionals of any complexity

* Full support for products consisting of several C and C++ files in the same C/C++ Obfuscation Project

* includes Obfuscation Project Manager - an advanced intuitive cross-platform (Windows, MacOS X, Linux and Unix) graphical user interface for protecting any size project created with C/C++ with mixed types of code , complete with with IDE-like functionality (supporting Build, Rebuild Changed, Clean)

* It can extract symbols for any API - just provide a directory with the files defining API

* has special debugging mode and unique tools to generate a list of symbols that can't be changed, saving development time.

* supports several advanced ways to generate obfuscated names including using shortest possible name.

* supports all C/C++ dialects of all existing compilers

*should include functionality to tightly control the obfuscation and encoding of C and C++ Obfuscator

*Ability to watermark C/C++ and to make the study of changes between versions of the same file more difficult

* should allow creation of lists of symbols that shouldn't be modified; Many exception tables for standard interfaces are included

• Support mixed (C++ and .NET applications).

• change all possible member names to meaningless and duplicate ones. Most methods and fields would have the same name, 'A', after obfuscation.

• remove all unnecessary data, including debug info, parameter names and certain metadata, etc.

• cross assembly obfuscation.

• incremental obfuscation.

• easy name lookup based on the original/obfuscated images, no log file needed.

• operate directly on executable files, images with native or mixed codes are supported, e.g., it supports assemblies from managed C++ that contains native code.

• extremely easy to use, the obfuscator takes one or more .exe and .dll files, and transform them into new format either in place or save as different file names as you would specify. No extra steps are involved. No third party tools (e.g. ilasm) are needed.

• up to 20% image size reduction.

• assemblies protected by our obfuscator will NOT be able to get decompiled by our own decompiler.

• allows full customization of the obfuscation process, obfuscation is controlled by custom attribute programming or a flexible XML config file.

• graphical user interfaces is provided to work with the obfuscator.

• uses massive overloading of method and field names for even higher security.

• generates only verifiable MSIL bytecode in full compliance with the Microsoft .NET Specification.

• updates the manifest in assembly using obfuscated names and automatically generated resource names.

• code optimization and flow obfuscation will be available at a later date.

• code protection against dissemblers

• String protection - preventing strings from being viewed by Hex editors, etc.

• Resource protection - preventing resource objects such as icons, string tables, etc. from being viewed by external tools

Pls send over your proposals on how you solve this..

Bellow you can see high level diagram which illustrate 3 components:

Application (.NET C# WinForms) -> Interop CLI DLL (Managed C++) -> Common DLL (Native C++)

1. Application: .NET Winforms application written in C# only
2. Interop CLI DLL written in C++ Managed only (on top of CLR)
3. Common Native DLL written in C++ only
4. We also have more DLL’s written in pure C#


All 4 Components will need to be secured using your obfuscation technology.

Please note that the application itself, what we need you to develop, should be developed in C++ / Win32 API / MFC

Pls submit your proposal on how you can solve this project?

Also pls submit reference to 1-2 previous clients so I can verify your skills.. thank you

Following questions we have been asked, for the alpha version we need only support for CLR c++ syntax.

.NET C Programming C# Programming C++ Programming Windows Server

Project ID: #728580

About the project