Below are some simple recipes that will make it easy for you to get started using Tigress. See them as a starting point for you to explore all of Tigress' features, not as recommendations for particular situations. Before using any kind of software protection technique you must start with a detailed security analysis:
Only when you have answered these questions, and have determined that obfuscation needs to be an integral part of your architecture, can you start putting together Tigress scripts. Over time we will add more recipes here. If you have found a particular combination of Tigress transformations useful, please let us know, and we will add your recipe to the collection!
In the examples below we will be using these programs as input: test.c and test-jit.c.
Here is a simple recipe that should have a relatively low performance impact:
tigress --Seed=42 --Statistics=0 --Verbosity=0 --Environment=x86_64:Darwin:Clang:5.1 \
--Transform=InitEntropy \
--Functions=init_tigress \
--InitEntropyKinds=vars \
--Transform=InitOpaque \
--Functions=init_tigress \
--InitOpaqueStructs=list,array,env \
--Transform=InitBranchFuns \
--InitBranchFunsCount=1 \
--Transform=AddOpaque \
--Functions=fac,fib \
--AddOpaqueStructs=list \
--AddOpaqueKinds=true \
--Transform=AntiBranchAnalysis \
--Functions=fac,fib \
--AntiBranchAnalysisKinds=branchFuns \
--AntiBranchAnalysisObfuscateBranchFunCall=false \
--AntiBranchAnalysisBranchFunFlatten=true \
--Transform=EncodeArithmetic \
--Functions=fac,fib \
test.c --out=output1.c
Here is the resulting code. There are a few things to note here:
This transformation shows off a combination of two more powerful transformation, virtualization and self-modifying code, that together is likely to have serious performance impact:
tigress --Seed=42 --Statistics=0 --Verbosity=0 --Environment=x86_64:Darwin:Clang:9.0 \
--Transform=InitEntropy \
--Functions=init_tigress \
--InitEntropyKinds=vars \
--Transform=InitOpaque \
--Functions=init_tigress \
--InitOpaqueStructs=list,array,env \
--Transform=Virtualize \
--Skip=false \
--VirtualizeDispatch=ifnest \
--Functions=fac,fib \
--Transform=SelfModify \
--Skip=false \
--Functions=fac,fib \
--SelfModifySubExpressions=false \
--SelfModifyBogusInstructions=10 \
test.c --out=output2.c
Here is the resulting code. Here are a few things to note:
In this recipe we first virtualize and then add dynamic obfusction; i.e. the program will decode and re-encode itself as it is running. In this particular case we decode/encode using the XTEA cipher:
tigress --Seed=42 --Statistics=0 --Verbosity=0 --Environment=x86_64:Darwin:Clang:5.1 \
--Transform=InitEntropy \
--Functions=init_tigress \
--InitEntropyKinds=vars \
--Transform=InitOpaque \
--Functions=init_tigress \
--InitOpaqueStructs=list,array,env \
--Transform=Virtualize \
--Skip=false \
--VirtualizeDispatch=direct \
--Functions=fib \
--Transform=JitDynamic \
--Skip=false \
--Functions=fib \
--JitDynamicCodecs=xtea \
--JitDynamicBlockFraction=%100 \
--Transform=Measure \
--Functions=fib \
--MeasureTimes=100 \
test-jit.c --out=output3.c
Here is the resulting code. Here are a few things to note:
In this recipe we first merge all functions together. This includes init_tigress which has important secrets in it, in particular the initalization of opaque structures:
tigress --Seed=42 --Statistics=0 --Verbosity=1 --Environment=x86_64:Darwin:Clang:9.0 \
--Transform=InitEntropy \
--Functions=init_tigress \
--InitEntropyKinds=vars \
--Transform=InitOpaque \
--Functions=init_tigress \
--InitOpaqueStructs=list,array,env \
--Transform=Merge \
--MergeFlatten=false \
--MergeName=MERGED \
--Functions=fib,fac,init_tigress \
--Transform=Virtualize \
--VirtualizeDispatch=direct \
--Functions=MERGED \
--Transform=EncodeLiterals \
--Functions=main \
test.c --out=output4.c
Here is the resulting code. Here are a few things to note: