How to obfuscate iOS binary.

Question

Hi, I'm just wondering how you could obfuscate functions in iOS binary?

If you tried to reverse iOS binaries using tools like ida you will see part of the binaries have obfuscated functions like all or partly named sub_xxxxxxxx but the other have human readable functions

Someone said, add those lines to the top of your header without any further explaining:

#define SecurityClass ah7p
#define checkCopyProtection xcyc

What the methods used to secure your App?

Sorry for the dumb question, but I'm new there and I ended up with no answer explained what I need.

i dont think its really advisable to use obfuscate on objective-c it can break many things like kvc / protocol functioning properly ... why do you need this ? — nsuinteger, Apr 02 '14 at 04:49
Objective-C, being an extremist of a dynamic language, is incredibly easy to decompile with or without obfuscation. The compiler will not allow you to modify the way methods are compiled, and the so-called obfuscation hack you've stumbled onto is unmaintainable in the long run (seriously, having to rewrite nearly every symbol with an obfuscated junk name using the preprocessor is madness). tl;dr You cannot completely strip out the Objective-C ness of an Objective-C binary. There'll always be class and method information lying around to tip off any hacker with enough free time. — CodaFi, Apr 02 '14 at 04:57
CodaFi thanks for your answer but believe me any hacker can easily modify your app without obfuscation via hex editing and spotting interesting points . when you download any app from itunes it will come encrypted however it's not so hard to decrypt it and see it clearly if functions were human readable. that why i need to use that obfuscation thing — zizeq9, Apr 02 '14 at 05:11
Pick a different language, then. All those sub_xxx functions you see were not generated by an Objective-C compiler. — CodaFi, Apr 02 '14 at 05:13
There are objc obfuscators and I used one for my projects but they don't touch any of the objc stuff like class names and selectors. Only the actual code will be obfuscated. Furthemore, because of the way objc works inside obfuscators can't even do much if there is many objc method calls. It can obfuscate some calculations but when it comes to a bunch of objc method calls - it will be left almost untouched. That coupled with method and class names makes objc obfuscation pretty much useless. You're better of with C/C++. Method names will be lost and obfuscation will work much better with them. — creker, Aug 18 '14 at 17:45
Also, I do remember decompiling one app where even method and class names were obfusacted like you see it in Java, for example. Everything is like "AAA", "BBB". But I think it's not done by some obfuscator, rather by either preprocessor macroses or even some source code post-processing. I think that because not everything was obfuscated. Many classes were left untouched. Others were obfuscated. — creker, Aug 18 '14 at 17:48

score 1 · Answer 1 · edited Apr 20 '19 at 21:07

There are a couple of ways to obfuscate an iOS binary.

Open Source compiler named llvm-obfuscate (https://github.com/obfuscator-llvm/obfuscator/wiki) It has some nice features to obfuscate during compilation. You are replacing your default compiler with that one.
There are for Windows of course VMWare oder Themdia that can post process but that is not the case.

Besides that I just know one more which is Liasoft antispy. It is a very advanced anti analysis toolkit that allows you to encrypt functions and much more during compilation using mixed Objective-C and C++ code. ( https://www.liasoft.de/en/products/antispy/ )

Not sure if one of these is the right one for you. Except these things you are pretty lost since Objective-C is a compiled language with lots of metadata.

Hope I could help you, this is my first post.

That covers pretty much everything that is available as out of the box solutions. Rolling your own obfuscation might also be a solution, when you go that route keep in mind the step learning curve and maintenance debt you might introduce into your code base. — superreeen, Apr 21 '19 at 08:14

score 0 · Answer 2 · answered Apr 02 '14 at 07:16

If you only care about obfuscating method names then the easiest way is to write relevant parts of your application in C or C++. For instance, you can rewrite your SecurityClass as a C++ class instead of Objective-C class. This will not make your code reverse-engineering-proof, but it will at least raise the bar a bit. (NOTE: I'm not saying this is the right thing to do from software engineering point of view, though).

If you need to obfuscate code, then you are in a search for a tool that can do this. There are several such tools, both commercial and free. One project for doing exactly this is obfuscator-llvm.

How to obfuscate iOS binary.

2 Answers2