3

I want to know if there are ways to compile C, C++ and Python code in order to not be able to reverse engineering it over Linux or not?

I have heard there are some ways over Windows to do it, but I am working on Linux.

I want to compile my code securely, as released or final version.

UPDATE

At least I want to make it hard for usual users to disassemble,

I am using GCC for C and C++, also I would be thankful if you introduce me best compiler for Python.

MLSC
  • 331
  • 1
  • 2
  • 7
  • Bruce Schneier's column today linked to an article about research in this field: http://eprint.iacr.org/2013/451.pdf The paper will probably not tell you how to solve this, but it will give you a good idea of just how much research there is into your problem. – Kevin Feb 25 '14 at 01:06

2 Answers2

7

You cannot prevent reverse engineering. You can make it more or less harder but you cannot prevent it. No.

Update

Ok, as the author updated it with a more clearer question... this is what one can do:

  1. Strip symbols from the binaries. At the very least.
  2. Obfuscate the code. This may help: https://stackoverflow.com/questions/4111808/c-c-compiler-generating-obfuscated-code.
  3. Pack or protect the binary. I know no good available protector for Linux, sorry.

As for the Python code... If you're lucky enough, you can use Shedskin to compile to native code and then apply the same techniques discussed before. If not, you may give a try to Cython instead of Python. Also, there is a question here about obfuscating Python code.

PS: Anyway, in my opinion, code protection is overrated. You cannot prevent a decided person or group from reverse engineering a piece of software and, sometimes, it's a lose of time and money.

Community
  • 1
joxeankoret
  • 4,488
  • 2
  • 21
  • 35
4

As for C compiler (gcc), first make sure you do not make a mistake of compiling it with -g option (adds symbols for debugging, basically whole source code).

-g Produce debugging information in the operating system's native format

Secondly, try with -s option:

-s Remove all symbol table and relocation information from the executable.

Without function names is would be harder to reverse engineer it. Take a look at man strip. I haven't tried it, but something like

strip --strip-debug objfile

or:

strip --strip-unneeded objfile

on your object files could be useful.

Turn on as much optimisation as you can -O3. It is really hard to read an optimized assembly, making it another impediment. There is really no good way of preventing disassembly and reverse-engineering, but it makes it harder.

As for Python, it is absolutely OK to ship only .pyc bytecode files. It is compiled version of source code for Python Virtual Machine. How do I create a .pyc file?. Try this one, maybe it is what you need. User can run bytecode file using python just as easily as a source code file.

Lastly, try to google for code obfuscation. It makes no sense to obfuscate C++ code, but maybe someone knows if code obfuscation is a good strategy for Python.

user2622016
  • 141
  • 3