Webkoof

Obfuscated codes are source codes which are difficult to understand and adapt. There are many reasons people obfuscate codes: some wants to hide the code because they don’t want anyone else to copy/reuse portions of their code, sometimes people want to win competitions , sometimes they want to impress others and sometimes they do because they have too much of free time and its fun. If you want to see some cool example of obfuscated code, check this out.

So, how do we do it? If you are a decent enough programmer with little bit of creativity, there are endless possibilities you can innovate. I’m listing most common ones here:

• Replace variable names with non-meaningful ones, e.g. replacing int i with int xxxxxxx or better int lIlIIllIIl.
• Replace numeric constants with expressions, e.g. replacing 232 with (0x14b6+2119-0x1c15)
• Replace characters in strings with their hex escapes, e.g. turning string "cust" into "\x63\x75\x73\x74"
• Remove or obfuscate the comments.
• Delete all line breaks, spaces, tabs. You can also arrange them to look like a shape. (See example here)
• Use Macros. Real complex one. Simple Example: #define MIN( x, y)  ( ( x) > ( y) ? ( y) : ( x) )
• Obfuscate the macros using techniques mentioned above. Example 1: #define lIlIIlIIIl( IIIlIlIlll, IlIIIllIll) ( ( IIIlIlIlll) > ( IlIIIllIll) ? ( IlIIIllIll) : ( IIIlIlIlll) ) or Example 2: #define OO0O00O000( O000O0O0OO, O0O000OO0O) ( ( O000O0O0OO) > ( O0O000OO0O) ? ( O0O000OO0O) : ( O000O0O0OO) ) In first case, we used combination of l and I and in second example we used combination of O (capital alphabet) and 0 (zero). (Notice that small O and zero looks almost same. “o0″ 1st one is vowel O and second one is digit 0) So, we can use this also.
• Use _ and __ as identifiers.
• Extended ASCII characters are perfectly valid as variable names in some languages, including ß, Ð, and ñ characters. They are almost impossible to type without copying/pasting in a simple text editor and they look cool.
• Use Continuation to hide variables:
  Instead of using
  #define local_var xy_z
  break up “xy_z” onto two lines:
  #define local_var xy\
  _z // local_var OK

• Be innovative with preprocessor directives. Through clever use of defines and ifdefs, a master of obfuscation can make header files declare different things depending on how many times they are included. This becomes especially interesting when one header is included in another header. Here is a particularly devious example: (taken from reference given below)

  #ifndef DONE
   
  #ifdef TWICE
   
  // put stuff here to declare 3rd time around
  void g(char* str);
  #define DONE
   
  #else // TWICE
  #ifdef ONCE
   
  // put stuff here to declare 2nd time around
  void g(void* str);
  #define TWICE
   
  #else // ONCE
   
  // put stuff here to declare 1st time around
  void g(std::string str);
  #define ONCE
   
  #endif // ONCE
  #endif // TWICE
  #endif // DONE

  This one gets fun when passing g() a char*, because a different version of g() will be called depending on how many times the header was included.

Be imaginative and sky is your limit. There are also some tools available to obfuscate the codes. One such example is Stunnix. For more ways to obfuscate, read Roedy Green’s How To Write Unmaintainable Code.

If you think that program below will not get compiled, think again. Try compiling and running it. And see the output it produces.

#include<stdio.h>
main()
{
int a,b,c;
int count = 1;
for (b=c=10;a=
"- LLLLLL?, LMKC,XYZHELLO FOLKS,\
TFy!QJu ROo TNn(ROo)SLq SLq ULo+\
UHs UJq TNn*RPn/QPbEWS_JSWQAIJO^\
NBELPeHBFHT}TnALVlBLOFAkHFOuFETp\
HCStHAUFAgcEAelclcn^r^r\\tZvYxXy\
T|S~Pn SPm SOn TNn ULo0ULo#ULo-W\
Hq!WFs XDt!" [b+++21]; )
 
for(; a-- > 64 ; )
putchar ( ++c=='Z' ? c = c/ 9:33^b&1);
 
}

Ya! This is a valid C program. It will produce a map of India.  This kind of source codes are called Obfuscated codes. Obfuscated codes ares source codes or intermediate language that is very hard to read and understand, often intentionally.

See one more example from wikipedia:

#include <stdio.h>
main(t,_,a)char *a;{return!0<t?t<3?main(-79,-13,a+main(-87,1-_,
main(-86,0,a+1)+a)):1,t<_?main(t+1,_,a):3,main(-94,-27+t,a)&&t==2?_<13?
main(2,_+1,"%s %d %d\n"):9:16:t<0?t<-72?main(_,t,
"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/#{l,+,/n{n+,/+#n+,/#\
;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l \
q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# \
){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' \
iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c \
;;{nl'-{}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')# \
}'+}##(!!/")
:t<-50?_==*a?putchar(31[a]):main(-65,_,a+1):main((*a=='/')+t,_,a+1)
  :0<t?main(2,2,"%s"):*a=='/'||main(0,main(-61,*a,
"!ek;dc i@bK'(q)-[w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry"),a+1);}

This will generate the 12 verses of The 12 Days of Christmas. It contains all the strings required for the poem in an encoded form inlined in the code. The code iterates through the 12 days displaying what it needs to.