• Stars
    star
    467
  • Rank 93,935 (Top 2 %)
  • Language
    C++
  • Created over 6 years ago
  • Updated over 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Sirius - Swift Obfuscator

Overview

Sirius is a tool for performing source-to-source obfuscation of Swift projects.

Basically, it transforms your code from this:

class Sample: UIViewController {
  var value = 42
  
  override func viewDidLoad() {
    super.viewDidLoad()
    configure()
    foo(bar: 1)
  }
  
  func foo(bar baz: Int) {
    value += baz
  }
}

protocol Configurable {
  func configure()
}

extension Sample: Configurable {
  func configure() { }
}

to this:

class aqoxMfcPUXffEuurviH_ZPMDW2hCmXDR: UIViewController {
  var a0vLRcFFAQ1Lvw2sf4ZIigWKjXjpJpug = 42
  
  override func viewDidLoad() {
    super.viewDidLoad()
    A6PP2E5mcmjEsgOvTeXwy2G44vzYLa6H()
    xG1qrXIMEJC1Eoma2Qbp_ZWJ5y2lrGYX(KuT5vOLIISvSJyju6bYxsHO_vlWUU589: 1)
  }
  
  func xG1qrXIMEJC1Eoma2Qbp_ZWJ5y2lrGYX(KuT5vOLIISvSJyju6bYxsHO_vlWUU589 vjCKgTT7Cf0ZlEi9giLZstzgdC9XLQcd: Int) {
    a0vLRcFFAQ1Lvw2sf4ZIigWKjXjpJpug += vjCKgTT7Cf0ZlEi9giLZstzgdC9XLQcd
  }
}

protocol dVUt_HSz_a1q1JsbyTJVfk0KeXej8a4z {
  func A6PP2E5mcmjEsgOvTeXwy2G44vzYLa6H()
}

extension aqoxMfcPUXffEuurviH_ZPMDW2hCmXDR: dVUt_HSz_a1q1JsbyTJVfk0KeXej8a4z {
  func A6PP2E5mcmjEsgOvTeXwy2G44vzYLa6H() { }
}

The resulting obfuscated project is much more difficult to reverse engineer by the attacker.

Usage

  1. Get latest sirius executable from here.

  2. Run:

$ bin/sirius -projectrootpath <path-to-xcode-project> -obfuscatedproject `<path-for-obfuscated-project>` [-namemappingstrategy <name-mapping-strategy>] [-keepintermediates] [-inplace] [-verbose]

where

<path-to-xcode-project> is a path to Xcode project root folder. It's the folder that contains both the Xcode project file (.xcodeproj or .xcworkspace) and the source files. It is passed to file-extractor tool.

<path-for-obfuscated-project> is the path to the directory that the newly generated obfuscated Swift source code files will be written to, as well as the new project. Is is passed to renamer tool.

In case when project should be obfuscated in place (without making a copy), -inplace argument can be used instead of -obfuscatedproject.

<name-mapping-strategy> is the optional parameter of type enum string. Is is passed to name-mapper tool. Is determines, which of the following strategies is used when generating the obfuscated symbol names:

  • random strategy generates random alphanumeric strings of length 32, e.g. gnxWyHU0uN3bXejy8bVAoNbyfg4gRuN8.
  • deterministic strategy generates deterministic renames based on symbol's original name, e.g. T1_RootViewController.
  • minifying strategy generates strings as short as possible, e.g. a.

When the -namemappingstrategy parameter is not provided, the default random strategy is used.

-keepintermediates is the optional flag. When present, the interemediate files used to pass the necessary info between the tools invoked by ObfuscatorTool (files.json, symbols.json, renames.json) will not be removed after successful obfuscation process.

-verbose is the optional flag. When present, the flag is passed to each tool invoked by ObfuscatorTool and all debug info messages from each tool are printed to standard output.

Verification

Verify the outcome of the obfuscation by opening the obfuscated project in Xcode. Use verification-suite and Hopper to check symbol names in mach-O file built from the obfuscated project.

Motivation

This project was developed for a particular iOS app that we needed to obfuscate. It is therefore a non-generalizable tool designed to solve the problem of obfuscating the single source code.

It shows, however, how the Swift compiler might be used as a library for building the powerful and flexible developer tools.

The app that motivated the development of Sirius is using:

  • Swift 4.0 only (no Objective-C)
  • Cocoapods
  • .storyboard files
  • CoreData

If your app has the same set of characteristics, we encourage you to try to obfuscate it. It may or may not work, depending on the Swift language constructs that you used.

Limitations

Sirius is not production-ready. Some code constructs that are allowed in Swift, won't be properly renamed by Sirius. This might lead to obfuscated project that is not compiling or crashes at runtime.

Some code constructs that are not yet supported:

  • Backticks
func `backticksName`() {}
  • #if #else #endif preprocessor macros
  • Old Swift selectors
let foo = Selector(("bar:"))

Symbols that won't be renamed by Sirius even though they are visible in mach-O binary:

  • Enum associated values
enum EnumWithAssoc {
  case1(assoc: Int)
}

For more examples of unsupported constructs head here.

For constructs that are deliberately excluded from renaming head here.

Components

The Sirius - Swift Obfuscator suite consists of command line tools organized in repositories:

Repository Tool Overview
ObfuscatorTool sirius Umbrella tool that exposes the unified command line interface to perform the obfuscation of Xcode project. It executes tools: file-extractor, symbol-extractor, name-mapper, renamer and passes the intermediate files between them.
FileExtractor file-extractor Extracts the data about Xcode project based on the root project's path (e.g. the list of .swift source files, the list of frameworks required to build the project) to files.json.
SymbolExtractorAndRenamer symbol-extractor Extracts symbols from .swift source files to symbols.json.
SymbolExtractorAndRenamer name-mapper Generates the new names for the symbols provided in symbols.json.
SymbolExtractorAndRenamer renamer Performs the renaming of symbols based on renames.json.
VerificationSuite verification-suite Tool for presenting the changes made in obfuscation process.

Contributing

Contributing to main command line tool (sirius)

If you wish to contribute to sirius (umbrella command line tool), head to BuildNotes and GettingStarted.

Contributing to other tools from Sirius suite

If you wish to contribute to other tools from Sirius - Swift Obfuscator suite, head to the repositories:

Contributors to Sirius suite

In the alphabetical order:

CLA

We require contributors to have signed Contributor Licence Agreement.

Support

Polidea may provide commercial support for extending the Sirius obfuscator to work with your app.

Licence

Copyright 2018 Polidea Sp. z o.o

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

More Repositories

1

RxBluetoothKit

iOS & OSX Bluetooth library for RxSwift
Swift
1,408
star
2

cmake-nRF5x

cmake script for nRF5 series SoC
C
121
star
3

Cockpit

Easily define a set of parameters that can be accessed and changed by the developers via built-in compact UI at runtime.
Kotlin
119
star
4

android-hierarchy-viewer

HTML
113
star
5

Cellular-Data-Network-Simulator

Webapp to monitor network usage and simulate network link conditions
Shell
100
star
6

tree-view-list-android

Provide configurable tree view list for android devices
Java
82
star
7

android-zoom-view

Android zooming view
Java
76
star
8

blemulator_flutter

BLEmulator Flutter: the Flutter BLE peripheral simulator
Dart
73
star
9

android-coverflow

Simple implementation of android's cover flow widget.
Java
68
star
10

basset-ios

Converting vector based images to iOS-style PNG(s) tool that organizes them in XCode Assets
Python
53
star
11

state-machine-android

A lightweight state machine implementation for Android.
Java
24
star
12

SOCK

Simple Omitter of Conflicts Kit - tool that prevents some of merge conflicts in .pbxproj file in Xcode projects
Python
23
star
13

the-missing-android-xml-junit-test-runner

Test runner that produces standard junit XML output file
Java
22
star
14

PLVisualAttributeConstraints

Custom VFL (Visual Format Language) for creating NSLayoutConstraint's. Offers more readable and concise replacement for constraintWithItem:attribute:relatedBy:toItem:attribute:multiplier:constant: (NSLayoutConstraint, AutoLayout mechanism)
Objective-C
22
star
15

react-native-blemulator

BLE simulator for react-native-ble-plx
TypeScript
20
star
16

Health2Fitbit

Simple tool that exports steps from HealthKit (eg. from Apple Watch) to Fitbit
Objective-C
17
star
17

android-section-list

Provides implementation of list which is divided to sections
Java
15
star
18

AndroidImageCache

LRU based Bitmap cache for Android. In Addition WebImageView for loading images from web resources.
Java
15
star
19

Polithings

Set of drivers for Android Things
Kotlin
14
star
20

better-gesture-detector

Android gesture detector better than default one
Java
13
star
21

SiriusObfuscator-SymbolExtractorAndRenamer

C++
11
star
22

ResourceSweeper

Python
11
star
23

PLObservers

Small tool for fast implementation of multi-observer pattern in Objective-C
Objective-C
9
star
24

android-image-manager

Image manager for android applications.
Java
8
star
25

recycler-view-adapters

A set of RecyclerView adapters, that are adding some great new features.
Java
8
star
26

android-flip3d

Android widget that allows for 3D-flipping of alternate views
Java
7
star
27

PLCoreDataUtils

A set of helper methods for CoreData
Objective-C
6
star
28

PLImageManager

image manager/downloader for iOS
Objective-C
6
star
29

Shuttle-Backend

Shuttle makes easy, secure and fast mobile apps distribution possible. It allows delivering iOS and Android mobile applications to stakeholders from the very beginning of the cooperation with the app creators. To try out our solution, simply use our code and if you need frontend and mobile app — contact us directly!
Groovy
6
star
30

at_candle

Example of candle powered by Android Things
Kotlin
4
star
31

android-notification-utils

Small set of utilities used by Polidea to develop android notifications
Java
4
star
32

PLColors

Objective-C library to create UIColor/NSColor objects based on the HEX color representation.
Objective-C
4
star
33

SiriusObfuscator-FileExtractor

Ruby
4
star
34

SiriusObfuscator-VerificationSuite

Swift
4
star
35

PLXCoreBluetooth-RACExtensions

Reactive Cocoa Extensions to CoreBluetooth
Objective-C
4
star
36

PLXFrameLayout

AutoLayout on frames
Objective-C
3
star
37

android-menu-navigator

Build navigation from json menu description
Java
3
star
38

dag-checks

The dag-checks consist of checks that can help you in maintaining your Apache Airflow instance.
Python
3
star
39

PLXImageManager

Image manager/downloader for iOS
Objective-C
2
star
40

mce-heatmap

Heatmap from MCE
JavaScript
1
star
41

PIXIE

Firmware for beautiful PIXIE device.
C++
1
star
42

docker-101

Example Docker project to help you bootstrap your awesome apps.
CSS
1
star
43

PLXColors

Objective-C library to create UIColor/NSColor objects based on the HEX color representation.
Objective-C
1
star
44

FrameLayout

AutoLayout on frames. This repo has been moved to
Objective-C
1
star
45

PLXObservers

Small tool for fast implementation of multi-observer pattern in Objective-C
Objective-C
1
star
46

PLXVisualAttributeConstraints

Custom VFL (Visual Format Language) for creating NSLayoutConstraint's. Offers more readable and concise replacement for constraintWithItem:attribute:relatedBy:toItem:attribute:multiplier:constant: (NSLayoutConstraint, AutoLayout mechanism)
Objective-C
1
star