the limit itself. This type of obfuscation is only as strong as the function used to obscure the
actual condition is difficult to unravel. Keep in mind that a reverse engineer will not have the
non-obfuscated machine code for reference, so even a very weak function, like the one
used in this solution, may be effective at wasting some of a reverser's time. The numeric
function used here is very simple; more complex functions can be devised that would
further decrease the readability of the machine code.

7.6.3 Control Flow Obfuscation for the Record Limit Check

We introduce some non-essential, recursive, and randomized logic to the
password limit check in PasswordVault.cpp to make it more difficult for a reverser to
perform static or live analysis. A design for obfuscated control flow logic which
ultimately implements the trial limitation check is given in Fig. 7.3. Since no standards
exist for control flow obfuscation, this algorithm was designed by the author using the
cyclomatic complexity metric defined by McCabe [24] as a general guideline for creating
a highly complex control flow graph for the trial limitation check.
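An added illustration of the idea in this section, not the algorithm of Fig. 7.3 and not code from PasswordVault.cpp: a recursive, randomized walk that returns the same answer as a plain `records < limit` comparison on every path. The limit value, the function names and the seed parameter are assumptions made for the example.

```cpp
// Added illustration only: not the Fig. 7.3 algorithm, not PasswordVault.cpp.
#include <cstdint>
#include <cstdio>
#include <random>

constexpr uint32_t kTrialLimit = 5;  // assumed limit, chosen for the example

// The readable check: a single compare against a constant.
bool underLimitPlain(uint32_t records) { return records < kTrialLimit; }

// Non-essential logic: x*(x+1) is always even, so this always yields 0,
// but a static reader has to prove that before discarding the term.
static uint32_t opaqueZero(uint32_t x) { return (x * (x + 1u)) & 1u; }

// Recursive, randomized walk: both counters shrink by the same amount on
// every path, so whichever reaches 0 first decides the comparison.
static bool walk(uint32_t records, uint32_t remaining, std::mt19937 &rng) {
    if (remaining == 0) return false;  // limit used up: at or over the limit
    if (records == 0) return true;     // records used up first: under the limit
    switch (rng() % 3u) {
    case 0:   // direct step
        return walk(records - 1u, remaining - 1u, rng);
    case 1:   // same step, disguised with an opaque zero
        return walk(records - 1u + opaqueZero(rng()), remaining - 1u, rng);
    default:  // double step when both counters allow it
        if (records >= 2u && remaining >= 2u)
            return walk(records - 2u, remaining - 2u, rng);
        return walk(records - 1u, remaining - 1u, rng);
    }
}

// Same result as underLimitPlain for every seed; only the executed path
// differs, so traces of the same check can differ from run to run.
bool underLimitObfuscated(uint32_t records, uint32_t seed) {
    std::mt19937 rng(seed);
    return walk(records, kTrialLimit, rng);
}

int main() {
    std::random_device rd;
    for (uint32_t n = 3; n <= 6; ++n)
        std::printf("%u records -> %s\n", n,
                    underLimitObfuscated(n, rd()) ? "allowed" : "trial limit reached");
    return 0;
}
```

Each extra branch in `walk` raises the cyclomatic complexity of the check without changing its result, which is the property the equivalence with `underLimitPlain` makes testable.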
