Comment by π LucasMW
@stack
It was an old idea that I had back on the university. I thought it was cool.
Basically, it is an aditional layer of protection against source theft. Specially, against automated source theft, that is now common.
2025-05-06 Β· 1 year ago
16 Later Comments β
π² Half_Elf_Monk Β· 2025-05-06 at 20:20:
This sounds like a fun project, but tbh it seems like it'd be more useful to people trying to inject/obfuscate malicious code, than as a deterrant for automated source theft. I guess I'm curious... if you're publishing code as open source, what's the difference between manual and automated access to your code?
π LucasMW [OP] Β· 2025-05-06 at 20:33:
@Half_Elf_Monk the thing isn't automated access; if you have git pull script which builds it from time to time, it is automated access.
Theft is when you take it and claim it yours, with no regard for the license. Then, automated theft is different due to its sheer scale and how it is wealth transfer between simple enthusiasts to monopolistic forces. I would rather not help with the latter.
π LucasMW [OP] Β· 2025-05-06 at 20:45:
@Half_Elf_Monk This isn't related to open source either. Source theft is happening everywhere, specially to private repositories. Imagine, for example, a private repository on github or other provider. The company has access to it, hackers may have as well.
This is more like an extra layer of work the thief will have to do before stealing it for whatever reason.
π stack Β· 2025-05-06 at 22:06:
I am having a hard time imagining how that would work. You keep your source, with many comments, in order to understand what it does a year later and maybe be able make some changes.Why would you keep obfuscated source around since it's impossible to understand or change?
It's like buying very uncomfortable furniture just in case someone breaks into your house and sits down.
π» darkghost Β· 2025-05-06 at 22:23:
I seem to recall people having fun with #def's so they could make code that said "like <insert function here> man"
π undefined Β· 2025-05-07 at 03:06:
You could just parse the preprocessed file. There's a standalone c parser that's a part of stb libraries, idk how robust it is given that c parsing is kinda nontrivial in some edge cases. Or just any c parser I guess. Then once you have the syntax tree, you walk through it and output everything the same as it was instead of variables/function names, which you remap to whatever you wanted to.
π undefined Β· 2025-05-07 at 03:11:
Btw renaming global symbols would make most projects not compilable anyway since they're expected to have the names they have for linking, both static and dynamic :)
π LucasMW [OP] Β· 2025-05-07 at 06:32:
@undefined. Thanks, I will check this stb parser, to see if it fits my needs.
π LucasMW [OP] Β· 2025-05-07 at 06:33:
@stack just imagine you can keep a map of the original to renamed symbols elsewhere and can obfuscate and deobfuscate easyly at will.
π jsreed5 Β· 2025-05-07 at 14:32:
I don't have a solution to recommend, but I'm reminded of how Swift allows programmers to use emoji as variable names. https://www.globalnerdy.com/wordpress/wp-content/uploads/2014/06/poopy-swift-code-example.jpg
π stack Β· 2025-05-07 at 17:25:
I understand, but I cannot imagine why anyone would expose source unless it was the intent! If you are hiding the secret part that makes it readable, why not hide the actual source file itself!
The only (awful) case I can imagine is if you are contractually obligated to deliver compilable sources but want to screw the other party ...
π¦ zzo38 Β· 2025-05-07 at 17:47:
Maybe it can be useful if the names interfere with other files or are not valid on one computer, they can be automatically changed to names that do not interfere and are valid. However, it may be necessary to do this across multiple source files. (In some cases, it may make more sense to change the names after the file is compiled.)
π stack Β· 2025-05-07 at 22:34:
As a bonus, try to use similar-looking unpronounceable symbols and make sure to use same names for locals, globals, and function names, as much as possible
Mixing I and 1, and O and 0 is good. Or use Unicode look-alike glyphs
Or better yet just post some junk code and really confuse them, whoever they are
π» darkghost Β· 2025-05-07 at 23:02:
Isn't abuse of goto making the worst spaghetti code possible another form of obfuscation? Combined with similar looking labels like above.
π stack Β· 2025-05-08 at 00:59:
Automatically create a slew of loops and conditionals using bullshit variables initialized elsewhere, in such a way that they will get optimized out.
π norayr Β· 2025-05-13 at 20:36:
β isn't c code obfuscated enough already?
Original Post
Obfuscating C β I am working on a code obfuscator. Basically the idea is to rename every symbol in the program to another name, thus destroyng information. The idea is also customization of the generated names according to wordlists and rulesets (for example, one pokΓ©mon themed) I already have some kind of proof of concept: For example, this small program: [preformatted] I wish there was some shortcuts. Does anyone knows an easy way of given a source file, to extract a list of all variable...
π¬ 18 comments Β· 1 like Β· 2025-05-06 Β· 1 year ago Β· #coding #programming #software