  • OLLVM installation on Windows 10
    Computer/Program Analysis 2018. 2. 2. 17:06

    Prerequisites.


    1) mingw-w64


    Select x86_64 and posix. 

    Without this configuration, gcc gives mutex-related errors such as "error: 'mutex' in namespace 'std' does not name a type static std::mutex ErrorHandlerMutex;"


    2) cmake 

    3) git


    Installation. 

    Open the mingw64 shell and enter the following commands.

    git clone https://github.com/Qrilee/llvm-obfuscator
    mkdir build
    cd build
    cmake -DCMAKE_BUILD_TYPE=Release -G "MinGW Makefiles" ..\llvm-obfuscator
    mingw32-make.exe -j7
    

    Add the ollvm build path to the PATH environment variable so that the clang++ built above is the one that runs.


    Test

    sample1.cc

    #include <cstdio>
    #include <iostream>
    
    // Uncomment to request flattening for this function only via an annotation:
    // unsigned int target_function(unsigned int n)__attribute((__annotate__(("fla"))));
    unsigned int target_function(unsigned int n)
    {
      unsigned int mod = n % 4;
      unsigned int result = 0;
    
      if (mod == 0) result = (n | 0xBAAAD0BF) * (2 ^ n);
      else if (mod == 1) result = (n & 0xBAAAD0BF) * (3 + n);
      else if (mod == 2) result = (n ^ 0xBAAAD0BF) * (4 | n);
      else result = (n + 0xBAAAD0BF) * (5 & n);
      return result;
    }
    
    int main() {
        int x;
        scanf("%d", &x);
        std::cout << target_function(x);
    }
    


    Compile.

    To compile a 32-bit binary we need the 32-bit MinGW. Add its include directory with the -I option.
    clang++ sample1.cc -o sample1_orig.exe
    clang++ -mllvm -fla sample1.cc -o sample1_fla64.exe
    clang++ -mllvm -bcf sample1.cc -o sample1_bcf64.exe
    clang++ -mllvm -sub sample1.cc -o sample1_sub64.exe
    clang++ -mllvm -fla -mllvm -bcf -mllvm -sub sample1.cc -o sample1_full64.exe
    clang++ -m32 -mllvm -fla sample1.cc -o sample1_fla.exe -IC:\MinGW\lib\gcc\mingw32\6.3.0\include
    clang++ -m32 -mllvm -bcf sample1.cc -o sample1_bcf32.exe -IC:\MinGW\lib\gcc\mingw32\6.3.0\include
    clang++ -m32 -mllvm -sub sample1.cc -o sample1_sub32.exe -IC:\MinGW\lib\gcc\mingw32\6.3.0\include
    clang++ -m32 -mllvm -fla -mllvm -bcf -mllvm -sub sample1.cc -o sample1_full32.exe -IC:\MinGW\lib\gcc\mingw32\6.3.0\include
    


    Original CFG. 





    Obfuscated CFG.
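
The following is an added illustration, not code from the original post and not actual OLLVM output: a hand-written C++ version of target_function in the shape that control-flow flattening (-fla) produces, where every basic block becomes a case of one dispatcher switch driven by a state variable. The name target_function_flattened, the helper count_mismatches and the state numbers are made up for this example.

```cpp
#include <cstdio>

// Original function from sample1.cc, kept as the reference.
unsigned int target_function(unsigned int n)
{
  unsigned int mod = n % 4;
  unsigned int result = 0;

  if (mod == 0) result = (n | 0xBAAAD0BF) * (2 ^ n);
  else if (mod == 1) result = (n & 0xBAAAD0BF) * (3 + n);
  else if (mod == 2) result = (n ^ 0xBAAAD0BF) * (4 | n);
  else result = (n + 0xBAAAD0BF) * (5 & n);
  return result;
}

// Hand-flattened equivalent. State values are arbitrary (made up here);
// the real pass picks its own. Each former basic block is one case.
unsigned int target_function_flattened(unsigned int n)
{
  unsigned int mod = 0, result = 0;
  unsigned int state = 0x10;            // entry block
  for (;;) {
    switch (state) {                    // dispatcher: the only branch target
    case 0x10: mod = n % 4; state = (mod == 0) ? 0x21 : 0x11; break;
    case 0x11: state = (mod == 1) ? 0x22 : 0x12; break;
    case 0x12: state = (mod == 2) ? 0x23 : 0x24; break;
    case 0x21: result = (n | 0xBAAAD0BF) * (2 ^ n); state = 0x30; break;
    case 0x22: result = (n & 0xBAAAD0BF) * (3 + n); state = 0x30; break;
    case 0x23: result = (n ^ 0xBAAAD0BF) * (4 | n); state = 0x30; break;
    case 0x24: result = (n + 0xBAAAD0BF) * (5 & n); state = 0x30; break;
    case 0x30: return result;           // exit block
    default:   return 0;                // unreachable state
    }
  }
}

// Returns the number of inputs in [0, count) where the two versions differ.
unsigned int count_mismatches(unsigned int count)
{
  unsigned int bad = 0;
  for (unsigned int n = 0; n < count; ++n)
    if (target_function(n) != target_function_flattened(n)) ++bad;
  return bad;
}

int main()
{
  std::printf("mismatches: %u\n", count_mismatches(100000));
}
```

When reading a flattened function in a disassembler, recovering the original if/else chain amounts to tracing which state value each case writes before it jumps back to the dispatcher.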


