9

GCC allows you to write optimization plugins that can be used to obfuscate your compiled executable, but this wasn't ported to MinGW. LLVM allows something similar but barfs when including Windows.h.

Is there a compiler that will allow me to get access to the AST right before link time, and produce a Windows executable?

mrduclaw
  • Why do you need windows.h in the compiler? – Igor Skochinsky Mar 23 '13 at 13:21
  • There's been a lot of work on getting clang to work on Windows. There are some flags that you should pass maybe (like -fms-extensions). I think at this point the clang team advertises they work on windows.h, I know I've gotten it to work before... – Andrew Mar 23 '13 at 14:33
  • @IgorSkochinsky Please forgive my ignorance, was that a slight at Microsoft or am I doing something wholly wrong? – mrduclaw Mar 23 '13 at 19:20
  • @Andrew I tried passing -fms-extensions previously, but ran into issues. This has been some months, maybe it's fixed now. Thanks. – mrduclaw Mar 23 '13 at 19:21
  • "Obfuscating" raises one question: what for? What do you want to achieve? – 0xC0000022L Apr 02 '13 at 01:21
  • @0xC0000022L I suppose "I would like to achieve some level of obfuscation" isn't sufficient? In my mind, this is related to the question about hiding compiler artifacts as a means of making reverse engineering more difficult. – mrduclaw Apr 02 '13 at 01:38
  • @mrduclaw: gotcha. Nope, makes perfect sense this way. However, I reckon the artifacts you'd also have to treat in such a case also include the stuff that gets linked into the binary. I.e. not just the stuff you compile but also what you link such as libgcc. – 0xC0000022L Apr 02 '13 at 03:01
  • @0xC0000022L Agreed, there'd still be some problems. But changing up function prologues and epilogues might be fun anyway. – mrduclaw Apr 02 '13 at 03:11

2 Answers

7

A couple of things you might want to look at:

rev
Rolf Rolles
  • To clarify a bit: the book is very good, but it is not really about how to write (extensions) for specific compilers. It rather covers the underlying concepts of program transformations in order to apply obfuscations to programs in general. – newgre Apr 03 '13 at 09:57
2

There was a compiler infrastructure named Phoenix (also see Wikipedia). I even used it for some program transformations, but unfortunately it never made it beyond what MS calls a "Community Technology Preview (CTP)". Now it appears to be dead; I get 404s for each of the links on the MS research page, so it seems to me that this project was discontinued.

If you're interested in using LLVM/Clang on Windows, you might want to have a look at this page, which offers an extension to use LLVM from within VS. I gave it a short try and cannot say much about it, but it should allow you to compile and build extensions for LLVM on Windows.

newgre