Searching \ for '[OT] Obfuscated C' in subject line. ()
Make payments with PayPal - it's fast, free and secure! Help us get a faster server
FAQ page: www.piclist.com/techref/language/index.htm?key=c
Search entire site for: 'Obfuscated C'.

Exact match. Not showing close matches.
PICList Thread
'[OT] Obfuscated C'
2009\07\01@152804 by Peter Restall

flavicon
face

For those who are interested, they still do hold the Obfuscated C
competition :)

       http://www.de.ioccc.org/years.html

I honestly don't know why people dislike C...this is pure art/genius/madness !

(btw - this is called 'arachnid.c' and requires ncurses to compile; use a, s,
w and d keys).

Regards,

Pete Restall

---

#include <ncurses.h>/*****************************************************/
           int               m[256                   ] [         256   ],a
,b   ;;;   ;;;   WINDOW*w;   char*l=""   "\176qxl"   "q"   "q"   "k"   "w\
xm"   "x"   "t"         "j"         "v"         "u"         "n"         ,Q[
]=   "Z"   "pt!ftd`"   "qdc!`eu"   "dq!$c!nnwf"/**   ***   */"t\040\t";c(
int   u ,         int         v){                     v?m   [u]         [v-
1]   |=2,m[u][v-1] &   48?W][v-1   ] &   15]]):0:0;u?m[u   -1][v]|=1   ,m[
u-               1][   v]&         48?               W-1   ][v         ]&
15]   ]):0:0;v<   255   ?m[   u][v+1]|=8,m[u][v+1]&   48?   W][   v+1]&15]]
):0         :0;         u <               255   ?m[   u+1         ][v   ]|=
4,m[u+1][   v]&48?W+1][v]&15]]):0:0;W][   v]&   15]   ]);}cu(char*q){   return
*q               ?cu   (q+         1)&         1?q   [0]               ++:
q[0   ]--   :1;   }d(   int   u ,   int/**/v,   int/**/x,   int   y){   int
Y=y   -v,   X=x         -u;   int         S,s   ;Y<         0?Y   =-Y   ,s,
s=-   1:(   s=1);X<0?X=-X,S   =-1  :(S=   1);   Y<<=   1;X<<=1;   if(X>Y){
int   f=Y               -(X   >>1   );;               while(u!=         x){
f>=   0?v+=s,f-=X:0;u   +=S   ;f+=   Y;m[u][v]|=32;mvwaddch(w,v   ,u,   m[u
][               v]&   64?   60:         46)         ;if         (m[   u][
v]&16){c(u,v);;   ;;;   ;;;   return;}}   }else{int   f=X   -(Y>>1);;   while
(v   !=y         ){f   >=0         ?u   +=S,               f-=         Y:0
;v   +=s   ;f+=X;m[u][v]|=   32;mvwaddch(w,v   ,u,m[u][v]&64?60:46);if(m[u
][                     v]&         16)   {c(   u,v                     );
 ;   return;;;}}}}Z(   int/**/a,   int   b){   }e(   int/**/y,int/**/  x){
int               i ;         for         (i=         a;i               <=a
+S;i++)d(y,x,i,b),d(y,x,i,b+L);for(i=b;i<=b+L;i++)d(y,x,a,i),d(y,x,a+   S,i
);                     ;;;         ;;;         ;;;               ;;;   ;
 mvwaddch(w,x,y,64);   ;;;   ;;;   ;;;   prefresh(   w,b,a,0,0   ,L-   1,S-1
);}             main(         int               V ,   char              *C[
 ]   ){FILE*f=   fopen(V==1?"arachnid.c"/**/   :C[   1],"r");int/**/x,y,c,
v=0         ;;;      initscr              ();               Z(Z         (raw
()   ,Z(   curs_set(0),Z(1   ,noecho()))),keypad(    stdscr,TRUE));w   =newpad
 (   300,  300               ) ;   for         (x=   255   ; x   >=0   ;x--
 )   for   (y=   255   ;y>=0;y--   )m[   x][   y]=   0;x=y=0;refresh( );while
 (   (c=                           fgetc (f)   )+1)                    {if(
0||c==10||  x==   256){x=0;y++;if(y==256  )break;;}   else{m[x][y]=(c   ==
'~'   ?64   : c   ==32              ?0:         16)   ;;x               ++;
     }}for(x=0   ;x<   256;x++)m   [x][0]=16   ,m[   x][   255]=16;for(y=0
;y<         256   ; y         ++)   m[0         ][y   ] =               16,
m[255][y]   =16   ;a=b=c=0;   x=y   =1;   do{v++;mvwaddch   (w,   y,x   ,m[
x][         y]&               32?   m[x                     ][y   ] &   16?
0|   acs_map[l[m[x][y]&15]]:46 :   32);c==0163&&!(m[x][y+1]&16)?y++:   0;c
==   119         &&!         (m[                                       x][
y-   1]&   16)   ?y--:0;;c   ==97  &&!(m[x-1][y]&16)?x--:0;c==100&&!(m[x+1
][   y]&   16)         ? x   ++:0              ;if(                    c==
3-   1+1   ){endwin(   );;   return(0)   ;}x   -a<5?a>S-   5?a-=S-5:(a=0):
0;x               -a>         S-5?a<255   -S*         2?a               +=S
-5:(a=256-S):0;   y-b<5?b>L-5?b-=L-5:(b   =0)   :0;   y-b>L-5?b<255-L   *2?
b+=                                       L-5   :(b                     =256
-L)   :0;e(x,y);if(m[x][y]&64)break;}while((c=getch())!=-1);endwin();cu(Q);
printf(Q,v);}

2009\07\01@161538 by Tamas Rudnai

face picon face
That's just a normal obuscation I deal with every day. They use silly things
like this and even much more complicated ones for Javascript, visual basic,
autoit and the kind and they think their code are well protected.... This
samaple did not even use trigraphs so it was just ok...



#include <ncurses.h>

int m[256][256], a, b;

WINDOW *w;

char *l = "\176qxlqqkwxmxtjvun";
Q[] = "Zpt!ftd`qdc!`eudq!$c!nnwft\040\t";

c( int u , int v)
{
  v ? m[u][v-1] |= 2, m[u][v-1] & 48 ? W][v-1] & 15]]) : 0 : 0;

  u ? m[u-1][v] |= 1
               ,m[u-1][v] & 48 ? W-1][v] &
               15]]) : 0 : 0;

           v < 255 ? m[u][v+1]| = 8
               ,m[u][v+1] & 48 ? W][v+1] & 15]]) : 0 : 0;
           u < 255 ?m[ u+1][v]|=
               4,m[u+1][v] & 48 ? W+1][v] & 15]]) : 0 : 0;
           W][v] & 15]]);
}


// recursive loops on the string
cu ( char *q )
{

   return *q ? (
                   // some silly decryption algorithm
                   cu (q + 1) & 1 ? q[0]++ : q[0]--
               ) : 1;
}


d( int u , int v, int x, int y)
{
   int Y = y - v, X = x - u;

   int S,s;

   Y < 0 ? Y = -Y, s, s = -1 : (s = 1);

   X < 0 ? X = -X, S = -1 : (S = 1);

   Y <<= 1;
   X <<= 1;

   if(X > Y)
   {
       int f = Y -( X >> 1 );
       while(u != x )
       {
           f >= 0 ? v += s,f -= X : 0;
           u +=S ;
           f += Y;
           m[u][v] |= 32;
           mvwaddch( w,v ,u, m[u][v] & 64 ? 60 : 46);
           if (m[u][v] & 16)
           {
               c(u,v);
               return;
           }
       }
   }
   else{int f=X -(Y>>1);
       while
           (v != y ){f >= 0 ? u += S, f -= Y : 0;
               v += s;
               f += X;
               m[u][v] |= 32;
               mvwaddch ( w, v ,u, m[u][v] & 64 ? 60 : 46 );
               if( m[u][v] & 16)
               {
                   c( u,v );
                   return;
               }
           }
   }
}


Z( int a, int b){ }


e( int y,int x){
   int i ;
   for (i= a; i <= a + S; i++)
       d(y,x,i,b), d(y,x,i,b+L);

   for( i  =b; i <= b + L; i++) {
       d(y,x,a,i);
       d(y,x,a+ S,i);
   }

   mvwaddch(w,x,y,64);
   prefresh( w,b,a,0,0 ,L- 1,S-1);
}


main( int V , char *C[] )
{
   FILE *f = fopen( V == 1 ? "arachnid.c" : C[1], "r");

... got bored and did not continue...








On Wed, Jul 1, 2009 at 8:20 PM, Peter Restall <spam_OUTpeteTakeThisOuTspamrestall.net> wrote:

{Quote hidden}

> -

2009\07\01@161615 by Tamas Rudnai

face picon face
oh, btw I am not sure if that is syntactically correct. Did the original one
compile for you?


On Wed, Jul 1, 2009 at 9:14 PM, Tamas Rudnai <.....tamas.rudnaiKILLspamspam@spam@gmail.com> wrote:

{Quote hidden}

>> --

2009\07\01@165057 by John Gardner

picon face
> That's just a normal obuscation I deal with every da

Really? I must have missed something...

What do you do?

best  regards, Jack

2009\07\01@172104 by Tamas Rudnai

face picon face
malware analysis -- there are obfuscation tools available that makes your
code unreadable so you maintain your clean code and just before releasing
you can obfuscate it to make it unreadable to everyone. That code you sent
was just fancy formatted with white spaces to look interesting but the
author might use something like that otherwise he/she would spend too much
time in front of the screen :-)

Tamas



On Wed, Jul 1, 2009 at 9:50 PM, John Gardner <.....goflo3KILLspamspam.....gmail.com> wrote:

> > That's just a normal obuscation I deal with every da
>
> Really? I must have missed something...
>
> What do you do?
>
> best  regards, Jack
> -

2009\07\01@175622 by Richard Prosser

picon face
Tamas,

But how do you get hold of the source code in the first place??

RP

2009/7/2 Tamas Rudnai <EraseMEtamas.rudnaispam_OUTspamTakeThisOuTgmail.com>:
{Quote hidden}

>> -

2009\07\01@181335 by Tamas Rudnai

face picon face
On Wed, Jul 1, 2009 at 10:56 PM, Richard Prosser <@spam@rhprosserKILLspamspamgmail.com>wrote:

> Tamas,
>
> But how do you get hold of the source code in the first place??


Script type languages are coming in source naturally (Javascript, VB script,
Autoit mainly) -- so the creator obfuscating it usually. We hardly can see
any binary compiled malware in source form -- usually only if the bad guys
are making some conceptional work and if they "release" the source on some
underground sites. But nowadays everyone wants to make some money by
stealing passwords or credit card information or by installing some adware
on your computer so they have "commercial malware" which's sources are never
getting released for obvious reason. For those we have to deal with the
binary obfuscation they usually use like polymorphic code generators or
malware packers but that's another story.

Tamas

2009\07\02@102715 by Peter Restall

flavicon
face

On Wed, 1 Jul 2009 21:16:13 +0100, Tamas Rudnai:

> oh, btw I am not sure if that is syntactically correct. Did the original one
> compile for you?

Sure - there weren't even any warnings either, which is surprising.  Try:

cc -o arachnid -DL=LINES -DS=COLS \
           -DW=mvwaddch\(w,v,u,acs_map\[l\[m\[u arachnid.c -lncurses

That's from their makefile.  I completed it in 771 moves apparently :)

Regards,

Pete Restall

2009\07\02@103223 by Peter Restall

flavicon
face

On Wed, 1 Jul 2009 22:21:03 +0100, Tamas Rudnai wrote:

> malware analysis -- there are obfuscation tools available that makes your
> code unreadable so you maintain your clean code and just before releasing
> you can obfuscate it to make it unreadable to everyone. That code you sent
> was just fancy formatted with white spaces to look interesting but the
> author might use something like that otherwise he/she would spend too much
> time in front of the screen :-)
>
> Tamas

It is a pretty common technique; even Yahoo! and others release obfuscaters
for Javascript - it also brings down the file size for transmissions across
the 'net.  Google use it on there minified scripts.

I think in this case the format of the program is used as the maze too (I'm
assuming this based on the 'fopen()' on 'arachnid.c'), but I haven't even
bothered to check this as fact - I was just appreciating the whole thing as
a bit of art :)

Regards,

Pete Restall

More... (looser matching)
- Last day of these posts
- In 2009 , 2010 only
- Today
- New search...