[功能] 方法字段参数名支持 useEvilCharInstead 特殊字符 @4ra1n
This commit is contained in:
4ra1n
@@ -1,11 +1,14 @@
|
|||||||
# CHANGELOG
|
# CHANGELOG
|
||||||
|
|
||||||
## 1.7.1
|
## 1.8.0
|
||||||
|
|
||||||
更新日志:
|
更新日志:
|
||||||
|
|
||||||
|
- [功能] 方法字段参数名支持 `useEvilCharInstead` 特殊字符 @4ra1n
|
||||||
|
- [功能] 花指令添加字符串支持 `enableEvilString` 特殊字符 @4ra1n
|
||||||
- [BUG] 加密解密字符串编码问题导致中文乱码 @4ra1n
|
- [BUG] 加密解密字符串编码问题导致中文乱码 @4ra1n
|
||||||
- [BUG] 某些情况当前目录会生成多余的临时文件 @4ra1n
|
- [BUG] 某些情况当前目录会生成多余的临时文件 @4ra1n
|
||||||
|
- [优化] 优化丢失的命令行配置提示 @4ra1n
|
||||||
|
|
||||||
感谢以下用户的贡献:
|
感谢以下用户的贡献:
|
||||||
|
|
||||||
|
|||||||
10
README.md
10
README.md
@@ -17,6 +17,8 @@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
本项目已深度集成到 `web-chains` 项目中 (https://github.com/vulhub/java-chains)
|
本项目已深度集成到 `web-chains` 项目中 (https://github.com/vulhub/java-chains)
|
||||||
|
|
||||||
|
|
||||||
@@ -165,6 +167,9 @@ advanceStringName: ME_N1AR4_CLAZZ_OBF_PROJECT
|
|||||||
enableJunk: true
|
enableJunk: true
|
||||||
# 花指令混淆级别 1-5
|
# 花指令混淆级别 1-5
|
||||||
junkLevel: 3
|
junkLevel: 3
|
||||||
|
# 花指令可以使用常见的随机字符
|
||||||
|
# 也可以使用恶意的字符生成更具有迷惑的代码
|
||||||
|
enableEvilString: true
|
||||||
# 一个类中花指令最多数量
|
# 一个类中花指令最多数量
|
||||||
maxJunkOneClass: 1000
|
maxJunkOneClass: 1000
|
||||||
|
|
||||||
@@ -186,6 +191,11 @@ expandParamNum: 3
|
|||||||
# expand 操作只会对白名单方法名进行混淆
|
# expand 操作只会对白名单方法名进行混淆
|
||||||
expandMethodList:
|
expandMethodList:
|
||||||
- "test"
|
- "test"
|
||||||
|
|
||||||
|
# 使用恶意的字符替换方法名 字段名 参数名等
|
||||||
|
# 注意:如果开启了该项 obfuscateChars 将无效
|
||||||
|
# 注意:该功能不确定在所有版本 JAVA 上可以稳定运行
|
||||||
|
useEvilCharInstead: true
|
||||||
```
|
```
|
||||||
|
|
||||||
## 如何测试
|
## 如何测试
|
||||||
|
|||||||
BIN
img/010.png
Normal file
BIN
img/010.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 97 KiB |
@@ -2,6 +2,7 @@ package me.n1ar4.clazz.obfuscator.asm;
|
|||||||
|
|
||||||
import me.n1ar4.clazz.obfuscator.Const;
|
import me.n1ar4.clazz.obfuscator.Const;
|
||||||
import me.n1ar4.clazz.obfuscator.config.BaseConfig;
|
import me.n1ar4.clazz.obfuscator.config.BaseConfig;
|
||||||
|
import me.n1ar4.clazz.obfuscator.utils.EvilObfUtil;
|
||||||
import me.n1ar4.clazz.obfuscator.utils.JunkUtil;
|
import me.n1ar4.clazz.obfuscator.utils.JunkUtil;
|
||||||
import me.n1ar4.clazz.obfuscator.utils.RandomUtil;
|
import me.n1ar4.clazz.obfuscator.utils.RandomUtil;
|
||||||
import me.n1ar4.jrandom.core.JRandom;
|
import me.n1ar4.jrandom.core.JRandom;
|
||||||
@@ -141,7 +142,11 @@ public class JunkCodeClassVisitor extends ClassVisitor {
|
|||||||
|
|
||||||
mv.visitTypeInsn(Opcodes.NEW, "java/lang/String");
|
mv.visitTypeInsn(Opcodes.NEW, "java/lang/String");
|
||||||
mv.visitInsn(Opcodes.DUP);
|
mv.visitInsn(Opcodes.DUP);
|
||||||
mv.visitLdcInsn(JRandom.getInstance().randomString(16));
|
if (config.isEnableEvilString()) {
|
||||||
|
mv.visitLdcInsn(EvilObfUtil.randomString(16));
|
||||||
|
} else {
|
||||||
|
mv.visitLdcInsn(JRandom.getInstance().randomString(16));
|
||||||
|
}
|
||||||
mv.visitMethodInsn(Opcodes.INVOKESPECIAL, "java/lang/String", "<init>",
|
mv.visitMethodInsn(Opcodes.INVOKESPECIAL, "java/lang/String", "<init>",
|
||||||
"(Ljava/lang/String;)V", false);
|
"(Ljava/lang/String;)V", false);
|
||||||
mv.visitInsn(Opcodes.POP);
|
mv.visitInsn(Opcodes.POP);
|
||||||
@@ -155,7 +160,11 @@ public class JunkCodeClassVisitor extends ClassVisitor {
|
|||||||
mv.visitLabel(ifLabel);
|
mv.visitLabel(ifLabel);
|
||||||
mv.visitFieldInsn(Opcodes.GETSTATIC, "java/lang/System",
|
mv.visitFieldInsn(Opcodes.GETSTATIC, "java/lang/System",
|
||||||
"out", "Ljava/io/PrintStream;");
|
"out", "Ljava/io/PrintStream;");
|
||||||
mv.visitLdcInsn(JRandom.getInstance().randomString(16));
|
if (config.isEnableEvilString()) {
|
||||||
|
mv.visitLdcInsn(EvilObfUtil.randomString(16));
|
||||||
|
} else {
|
||||||
|
mv.visitLdcInsn(JRandom.getInstance().randomString(16));
|
||||||
|
}
|
||||||
mv.visitMethodInsn(Opcodes.INVOKEVIRTUAL, "java/io/PrintStream",
|
mv.visitMethodInsn(Opcodes.INVOKEVIRTUAL, "java/io/PrintStream",
|
||||||
"println", "(Ljava/lang/String;)V", false);
|
"println", "(Ljava/lang/String;)V", false);
|
||||||
mv.visitJumpInsn(Opcodes.GOTO, endLabel);
|
mv.visitJumpInsn(Opcodes.GOTO, endLabel);
|
||||||
|
|||||||
@@ -22,10 +22,11 @@ public class BaseConfig {
|
|||||||
|
|
||||||
private boolean enableXOR;
|
private boolean enableXOR;
|
||||||
private boolean enableAES;
|
private boolean enableAES;
|
||||||
private boolean enableJunk;
|
|
||||||
private boolean enableDeleteCompileInfo;
|
private boolean enableDeleteCompileInfo;
|
||||||
|
|
||||||
|
private boolean enableJunk;
|
||||||
private int junkLevel;
|
private int junkLevel;
|
||||||
|
private boolean enableEvilString;
|
||||||
private int maxJunkOneClass;
|
private int maxJunkOneClass;
|
||||||
|
|
||||||
private boolean ignorePublic;
|
private boolean ignorePublic;
|
||||||
@@ -41,6 +42,8 @@ public class BaseConfig {
|
|||||||
private int expandParamNum;
|
private int expandParamNum;
|
||||||
private String[] expandMethodList;
|
private String[] expandMethodList;
|
||||||
|
|
||||||
|
private boolean useEvilCharInstead;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 如果配置没问题可以启动就返回 true
|
* 如果配置没问题可以启动就返回 true
|
||||||
*
|
*
|
||||||
@@ -110,6 +113,10 @@ public class BaseConfig {
|
|||||||
config.setObfuscateChars(new String[]{"i", "l", "L", "1", "I"});
|
config.setObfuscateChars(new String[]{"i", "l", "L", "1", "I"});
|
||||||
config.setAdvanceStringName("iii");
|
config.setAdvanceStringName("iii");
|
||||||
config.setMethodBlackList(new String[]{"main"});
|
config.setMethodBlackList(new String[]{"main"});
|
||||||
|
// 默认不开启多余功能
|
||||||
|
config.setEnableExpandMethod(false);
|
||||||
|
config.setUseEvilCharInstead(false);
|
||||||
|
config.setEnableEvilString(false);
|
||||||
return config;
|
return config;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -157,6 +164,16 @@ public class BaseConfig {
|
|||||||
ColorUtil.green(String.valueOf(junkLevel)));
|
ColorUtil.green(String.valueOf(junkLevel)));
|
||||||
System.out.println(ColorUtil.cyan("[Junk Obfuscate] Max Number in One Class -> ") +
|
System.out.println(ColorUtil.cyan("[Junk Obfuscate] Max Number in One Class -> ") +
|
||||||
ColorUtil.green(String.valueOf(maxJunkOneClass)));
|
ColorUtil.green(String.valueOf(maxJunkOneClass)));
|
||||||
|
System.out.println(ColorUtil.cyan("[Junk Obfuscate] Enable Evil String -> ") +
|
||||||
|
ColorUtil.green(String.valueOf(enableEvilString)));
|
||||||
|
System.out.println(ColorUtil.yellow("Enable Expand Method -> ") +
|
||||||
|
ColorUtil.green(String.valueOf(enableExpandMethod)));
|
||||||
|
System.out.println(ColorUtil.cyan("[Expand Method] Expand Param Num -> ") +
|
||||||
|
ColorUtil.green(String.valueOf(expandParamNum)));
|
||||||
|
System.out.println(ColorUtil.cyan("[Expand Method] Expand Method List -> ") +
|
||||||
|
ColorUtil.green(Arrays.toString(expandMethodList)));
|
||||||
|
System.out.println(ColorUtil.yellow("Use Evil Char Instead -> ") +
|
||||||
|
ColorUtil.green(String.valueOf(useEvilCharInstead)));
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean isQuiet() {
|
public boolean isQuiet() {
|
||||||
@@ -359,4 +376,20 @@ public class BaseConfig {
|
|||||||
public void setExpandMethodList(String[] expandMethodList) {
|
public void setExpandMethodList(String[] expandMethodList) {
|
||||||
this.expandMethodList = expandMethodList;
|
this.expandMethodList = expandMethodList;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public boolean isEnableEvilString() {
|
||||||
|
return enableEvilString;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setEnableEvilString(boolean enableEvilString) {
|
||||||
|
this.enableEvilString = enableEvilString;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isUseEvilCharInstead() {
|
||||||
|
return useEvilCharInstead;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setUseEvilCharInstead(boolean useEvilCharInstead) {
|
||||||
|
this.useEvilCharInstead = useEvilCharInstead;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
8583
src/main/java/me/n1ar4/clazz/obfuscator/utils/EvilObfUtil.java
Normal file
8583
src/main/java/me/n1ar4/clazz/obfuscator/utils/EvilObfUtil.java
Normal file
File diff suppressed because it is too large
Load Diff
@@ -1,5 +1,6 @@
|
|||||||
package me.n1ar4.clazz.obfuscator.utils;
|
package me.n1ar4.clazz.obfuscator.utils;
|
||||||
|
|
||||||
|
import me.n1ar4.clazz.obfuscator.core.ObfEnv;
|
||||||
import me.n1ar4.jrandom.core.JRandom;
|
import me.n1ar4.jrandom.core.JRandom;
|
||||||
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
@@ -30,53 +31,87 @@ public class NameUtil {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public static String genWithSet(HashSet<String> exists) {
|
public static String genWithSet(HashSet<String> exists) {
|
||||||
JRandom random = JRandom.getInstance();
|
if (ObfEnv.config.isUseEvilCharInstead()) {
|
||||||
while (true) {
|
while (true) {
|
||||||
int length = 10 + random.getInt(0, 3);
|
String result = EvilObfUtil.randomString(16);
|
||||||
StringBuilder sb = new StringBuilder();
|
if (!exists.contains(result)) {
|
||||||
for (int i = 0; i < length; i++) {
|
exists.add(result);
|
||||||
sb.append(CHAR_POOL[random.getInt(0, CHAR_POOL.length)]);
|
return result;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (sb.charAt(0) == '~' || sb.charAt(0) == '1') {
|
} else {
|
||||||
continue;
|
JRandom random = JRandom.getInstance();
|
||||||
}
|
while (true) {
|
||||||
String result = sb.toString();
|
int length = 10 + random.getInt(0, 3);
|
||||||
if (!exists.contains(result)) {
|
StringBuilder sb = new StringBuilder();
|
||||||
exists.add(result);
|
for (int i = 0; i < length; i++) {
|
||||||
return result;
|
sb.append(CHAR_POOL[random.getInt(0, CHAR_POOL.length)]);
|
||||||
|
}
|
||||||
|
if (sb.charAt(0) == '~' || sb.charAt(0) == '1') {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
String result = sb.toString();
|
||||||
|
if (!exists.contains(result)) {
|
||||||
|
exists.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String genBase(int op) {
|
private static String genBase(int op) {
|
||||||
JRandom random = JRandom.getInstance();
|
if (ObfEnv.config.isUseEvilCharInstead()) {
|
||||||
while (true) {
|
while (true) {
|
||||||
int length = 10 + random.getInt(0, 3);
|
String result = EvilObfUtil.randomString(16);
|
||||||
StringBuilder sb = new StringBuilder();
|
if (op == 2) {
|
||||||
for (int i = 0; i < length; i++) {
|
if (!generatedMethods.contains(result)) {
|
||||||
sb.append(CHAR_POOL[random.getInt(0, CHAR_POOL.length)]);
|
generatedMethods.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else if (op == 1) {
|
||||||
|
if (!generatedStrings.contains(result)) {
|
||||||
|
generatedStrings.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else if (op == 3) {
|
||||||
|
if (!generatedFields.contains(result)) {
|
||||||
|
generatedFields.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (sb.charAt(0) == '~' || sb.charAt(0) == '1') {
|
} else {
|
||||||
continue;
|
JRandom random = JRandom.getInstance();
|
||||||
}
|
while (true) {
|
||||||
String result = sb.toString();
|
int length = 10 + random.getInt(0, 3);
|
||||||
if (op == 2) {
|
StringBuilder sb = new StringBuilder();
|
||||||
if (!generatedMethods.contains(result)) {
|
for (int i = 0; i < length; i++) {
|
||||||
generatedMethods.add(result);
|
sb.append(CHAR_POOL[random.getInt(0, CHAR_POOL.length)]);
|
||||||
return result;
|
|
||||||
}
|
}
|
||||||
} else if (op == 1) {
|
if (sb.charAt(0) == '~' || sb.charAt(0) == '1') {
|
||||||
if (!generatedStrings.contains(result)) {
|
continue;
|
||||||
generatedStrings.add(result);
|
|
||||||
return result;
|
|
||||||
}
|
}
|
||||||
} else if (op == 3) {
|
String result = sb.toString();
|
||||||
if (!generatedFields.contains(result)) {
|
if (op == 2) {
|
||||||
generatedFields.add(result);
|
if (!generatedMethods.contains(result)) {
|
||||||
return result;
|
generatedMethods.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else if (op == 1) {
|
||||||
|
if (!generatedStrings.contains(result)) {
|
||||||
|
generatedStrings.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else if (op == 3) {
|
||||||
|
if (!generatedFields.contains(result)) {
|
||||||
|
generatedFields.add(result);
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
return null;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -56,6 +56,9 @@ advanceStringName: ME_N1AR4_CLAZZ_OBF_PROJECT
|
|||||||
enableJunk: true
|
enableJunk: true
|
||||||
# 花指令混淆级别 1-5
|
# 花指令混淆级别 1-5
|
||||||
junkLevel: 3
|
junkLevel: 3
|
||||||
|
# 花指令可以使用常见的随机字符
|
||||||
|
# 也可以使用恶意的字符生成更具有迷惑的代码
|
||||||
|
enableEvilString: true
|
||||||
# 一个类中花指令最多数量
|
# 一个类中花指令最多数量
|
||||||
maxJunkOneClass: 1000
|
maxJunkOneClass: 1000
|
||||||
|
|
||||||
@@ -76,4 +79,9 @@ enableExpandMethod: true
|
|||||||
expandParamNum: 3
|
expandParamNum: 3
|
||||||
# expand 操作只会对白名单方法名进行混淆
|
# expand 操作只会对白名单方法名进行混淆
|
||||||
expandMethodList:
|
expandMethodList:
|
||||||
- "test"
|
- "test"
|
||||||
|
|
||||||
|
# 使用恶意的字符替换方法名 字段名 参数名等
|
||||||
|
# 注意:如果开启了该项 obfuscateChars 将无效
|
||||||
|
# 注意:该功能不确定在所有版本 JAVA 上可以稳定运行
|
||||||
|
useEvilCharInstead: true
|
||||||
Reference in New Issue
Block a user