Introduction
The obfuscation of Delphi projects is a deterrent against reverse engineering. Delphi executables are easy to reverse-engineer because they carry a lot of source code information. Good Delphi decompilers reconstruct whole projects, forms, source names, strings, and all.
If you don't want your Delphi programming being visible to bad guys, then you would rather maintain well-formed source projects while releasing ever-changing AltDel-obfuscated versions.
How obfuscation works
AltDel is a 5-phase script-driven lexical compiler that produces obfuscation by lowering the language level of Delphi source projects:
1. Normalization
The normalization phase converts all *.dfm to text format, strips the source of all comments, rewrites all strings as control strings, and determines a unique prefix for obfuscated identifiers. The unique identifier prefix is used for renaming all units and corresponding files. This phase is required for the correct operation of the following ones.
2. Forms
AltDel sets random values for form properties such as Height, Width, Color, etc. The original values are built by corresponding assignment statements at form creation time. String captions, hints, etc, are deleted from the original form and also dynamically built. Decompilers will reconstruct colorful random rectangles.
3. Strings
Strings make reverse engineering easier, a string like 'invalid password' reveals the address of a calling routine. AltDel transforms almost all strings into beautiful recursive string building expressions. This is hardly efficient, but the overhead should be negligible thanks to plenty of computing power. Decompilers are now string-blind.
4. Idents
All function, procedure, and object identifiers belonging to TForm are obfuscated, ie, replaced by random decimal strings with the unique prefix found in phase 1. As a result, a procedure called VerifyPassword, an atractive name from a hacker's perspective, would become meaningless noise like T__1257328796. Obfuscated names change randomly from one obfuscation to the next.
During this phase, random NOP hardware instructions are liberally inserted, so that the address of routines changes from one obfuscation to the next, routines become a moving target for patches. If a hacker's patch ever works, that won't be for long. The overhead of NOP processing is virtually nil.
5. Units
Finally, AltDel renames all units, their corresponding *pas, *dfm files, uses clauses, and *dpr files.
The end result is good-looking uniform low-level code: strings become deeply nested expressions; obfuscated forms look like abstract drawings; names are fixed-form meaningless tokens. Examples:
|
Fig. 1 - Procedure call with string parameter |
| Fig. 2 - Part of an obfuscated form |
|
|
Operation On three fields, we specify complete paths to the original .dpr project file, the obfuscated project, and the Delphi compiler. The obfuscated project path is automatically derived from the original project path.  The script The above image shows the script of a complete obfuscation. Phases are executed in sequence, each phase performing specific lexical transformations. The script is meant to be used incrementally, the user enabling/disabling a given phase. The Delphi post-obfuscation phase in the script causes Delphi to be called twice, placing the source project and the (so far) obfuscated project before your eyes. You have access to both projects with a click. In a few cases, the user guides AltDel through simple directives that are applied to source files. The optional Shell pre-obfuscation step is intended for organizational purposes and is discussed in the program's help. Very Important Information About Licensing This free demo download restricts AltDel to obfuscate only a small percentage of random identifiers. Fully operational AltDel is tailor-made software: each specific copy displays the licensee's name and address. You are able to pirate the license to others, but surely won't implicate your identification with that. If the displayed license is tampered with, then AltDel expires. In order to protect your valuable projects, I believe you would be inclined to afford US$ 14.95 for a personal version of AltDel. That's probably cheaper than ordering one pizza. How To Buy Using the free demo version, the Buy button takes you to AltDel's page at a secure payment site that accepts all kinds of cards, currencies, and checks. They inform me of a completed transaction identifying you. I will immediately obfuscate my AltDel source with your data, then will send a tailor-made installer to your email address. |
| Download | E-mail | Top |