Nowadays, hackers are using all sorts of advanced tools and technologies to access and analyze your source code. They can extract sensitive information and add malicious code to your IDE Software. Furthermore, if your application is compromised and hosts malicious code, then at best your reputation with your users is severely diminished and at worst you might even find yourself at the end of a legal suit for reparation or damages. So, it’s very important to find an effective way to protect your program. By using the code obfuscator, you can make your Delphi codes very hard to read. As a result, attackers cannot abuse your application easily. In this post, you will find all the details of securing your source code with the Delphi code obfuscator.
Table of Contents
Protecting your code through obfuscation. What is code obfuscation?
Code Obfuscation refers to the process of modifying source code to make it harder to read. So, hackers cannot comprehend the code and abuse your application. Code Obfuscation enables you to transform the existing code into another version, which is semantically the same but syntactically different. As a result, you still get the same output. However, the implementation is quite different from the original one.
Why should you obfuscate your Delphi or C++ code?
- Protect intellectual property or trade secrets
- Prevent hackers or competitors from reverse engineering your program
- Conceal the logic or implicit values used in the program
- Making best efforts to protect your investment which can be a requirement of insurance cover
What is the best code obfuscator?
Right now, in my opinion, the CodeMorph Delphi Code Obfuscator seems to be the best option. It generates and inserts random code into your Delphi source code with predefined customization options. It helps you to protect your application from reverse engineering and modifications.
How the CodeMorph Code Obfuscator Protects Your Source Code
CodeMorph Delphi Code Obfuscator adds extra obfuscation code to your program. As a result, it becomes difficult to read. The theory is that, with sufficient added complexity. the hackers will face a very tough time modifying your source code. It’s not impossible but it does make the task onerous and error-prone which might be enough to deter all but the most dedicated and skilled reverse engineering mavens.
Let’s take a look at an example of code before code obfuscation.
function QuickPos(const Substr, S: WideString; MatchesIndex: Integer = 1): Integer;
var
LenOfS, LenOfSubstr: Integer;
begin
Result := Pos(Substr, S);
if (MatchesIndex = 1) or (Result = 0) then
Exit;
LenOfS := Length(S);
LenOfSubstr := Length(Substr);
while (MatchesIndex > 1) and (Result > 0) do
begin
Result := _PosForward(Substr, S, Result + 1, LenOfSubstr, LenOfS);
if Result = 0 then
Exit;
Dec(MatchesIndex);
end;
end;
The code is easy to comprehend. There are several if-else statements, along with a simple while loop. This kind of simple code can be reverse-engineered easily. But once you use the CodeMorph Delphi Code Obfuscator, the code becomes quite difficult to comprehend. Take a look at it:
Here is an example of the same code after obfuscation
function QuickPos(const Substr, S: WideString; MatchesIndex: Integer = 1): Integer;
var
LenOfS, LenOfSubstr: Integer;
begin
// junk instruction begin
asm
jz @1
jnz @1
db $e9
@1:
end;
// junk instruction end
Result := Pos(Substr, S);
// junk instruction begin
asm
pushf
push $0A
@1: jnb @3
jmp @2
@2: call @4
@3: jnb @2
@4: add esp,4
jmp @5
@5: dec dword ptr [esp]
jno @6
@6: jns @1
jp @7
@7: add esp,4
popf
jmp @8
@8:
end;
// junk instruction end
if (MatchesIndex = 1) or (Result = 0) then
begin
// junk instruction begin
asm
pushf
jb @3
@1: jmp @2
@2: call @4
@3: jb @1
@4: add esp,4
popf
jmp @5
@5:
end;
// junk instruction end
Exit;
end;
LenOfS := Length(S);
// junk instruction begin
asm
jz @1
jnz @1
db $e8
@1:
end;
// junk instruction end
LenOfSubstr := Length(Substr);
// junk instruction begin
asm
db 0E9h,0A2h,001h,000h,000h,049h,00Fh,0F6h,03Ch,0CFh,075h,0EEh,0C0h,00Fh,031h,08Bh
db 0C8h,00Fh,031h,02Bh,0C8h,0F7h,0D1h,081h,0F9h,000h,050h,000h,000h,07Fh,0FEh,00Fh
db 031h,08Bh,0C8h,00Fh,031h,02Bh,0C8h,0F7h,0D1h,081h,0F9h,000h,050h,000h,000h,07Fh
db 0FEh,0D6h,00Fh,088h,0DDh,001h,000h,000h,00Fh,089h,0D7h,001h,000h,000h,03Eh,0C1h
db 0C3h,005h,0C1h,0CBh,005h,036h,00Fh,08Ah,001h,002h,000h,000h,00Fh,08Bh,0FBh,001h
db 000h,000h,05Bh,0E8h,00Bh,000h,000h,000h,072h,065h,067h,069h,073h,074h,065h,072h
db 065h,064h,000h,058h,0EBh,002h,012h,028h,0E8h,03Eh,000h,000h,000h,099h,04Fh,0F6h
db 03Ch,0FFh,090h,05Fh,050h,00Fh,031h,08Bh,0C8h,00Fh,031h,02Bh,0C8h,0F7h,0D1h,081h
db 0F9h,000h,050h,000h,000h,07Ch,005h,0E9h,0D7h,06Ch,030h,0F0h,0E8h,00Bh,000h,000h
db 000h,072h,065h,067h,069h,073h,074h,065h,072h,065h,064h,000h,058h,0F8h,00Fh,084h
db 0A1h,000h,000h,000h,00Fh,085h,09Bh,000h,000h,000h,03Bh,068h,01Dh,024h,000h,000h
db 083h,0C4h,004h,083h,0C4h,004h,00Fh,084h,007h,000h,000h,000h,00Fh,085h,001h,000h
db 000h,000h,048h,0E8h,00Bh,000h,000h,000h,072h,065h,067h,069h,073h,074h,065h,072h
db 065h,064h,000h,058h,0EBh,00Bh,072h,065h,067h,069h,073h,074h,065h,072h,065h,064h
db 000h,065h,0F8h,00Fh,083h,056h,0FFh,0FFh,0FFh,000h,0A4h,0BCh,0E6h,0D6h,0B7h,0E8h
db 00Bh,000h,000h,000h,072h,065h,067h,069h,073h,074h,065h,072h,065h,064h,000h,058h
db 0F9h,00Fh,031h,08Bh,0C8h,00Fh,031h,02Bh,0C8h,0F7h,0D1h,081h,0F9h,000h,050h,000h
db 000h,07Fh,0FEh,068h,019h,054h,000h,000h,083h,0C4h,004h,0D6h,00Fh,08Ah,0CFh,000h
db 000h,000h,00Fh,08Bh,0C9h,000h,000h,000h,058h,0EBh,00Dh,077h,072h,06Fh,06Eh,067h
db 020h,073h,065h,072h,069h,061h,06Ch,000h,0E9h,038h,0FFh,0FFh,0FFh,043h,03Eh,0F6h
db 03Ch,0C5h,094h,053h,011h,0E8h,001h,000h,000h,000h,086h,0E8h,001h,000h,000h,000h
db 0B8h,083h,044h,024h,004h,012h,083h,004h,024h,00Ah,0C3h,0F8h,050h,052h,00Fh,031h
db 033h,0C8h,05Ah,033h,0C8h,058h,051h,059h,0F9h,00Fh,082h,006h,000h,000h,000h,000h
db 06Bh,05Dh,082h,06Bh,0EBh,00Fh,0CFh,00Fh,0CFh,036h,00Fh,080h,0D3h,0FEh,0FFh,0FFh
db 00Fh,081h,0CDh,0FEh,0FFh,0FFh,0DCh,050h,052h,00Fh,031h,033h,0C8h,05Ah,033h,0C8h
db 058h,068h,0EFh,04Ch,000h,000h,083h,0C4h,004h,036h,00Fh,084h,06Dh,0FEh,0FFh,0FFh
db 00Fh,085h,067h,0FEh,0FFh,0FFh,00Ah,00Fh,031h,08Bh,0C8h,00Fh,031h,02Bh,0C8h,0F7h
db 0D1h,081h,0F9h,000h,050h,000h,000h,07Fh,0FEh,0EBh,00Bh,072h,065h,067h,069h,073h
db 074h,065h,072h,065h,064h,000h,068h,027h,0ACh,000h,000h,083h,0C4h,004h,00Fh,08Ch
db 0B3h,0FFh,0FFh,0FFh,00Fh,08Dh,0ADh,0FFh,0FFh,0FFh,094h,068h,075h,004h,000h,000h
db 083h,0C4h,004h,0F3h,0F8h,00Fh,083h,004h,0FFh,0FFh,0FFh,000h,0BBh,08Dh,090h,07Ch
db 097h,0E8h,001h,000h,000h,000h,0EAh,0E8h,001h,000h,000h,000h,008h,083h,044h,024h
db 004h,012h,083h,004h,024h,00Ah,0C3h,010h,0F9h,00Fh,082h,01Ah,0FFh,0FFh,0FFh,000h
db 02Bh,09Dh,0CDh,020h,0DBh,00Fh,031h,08Bh,0C8h,00Fh,031h,02Bh,0C8h,0F7h,0D1h,081h
db 0F9h,000h,050h,000h,000h,07Fh,0FEh,0E8h,00Bh,000h,000h,000h,072h,065h,067h,069h
db 073h,074h,065h,072h,065h,064h,000h,058h,068h,09Fh,00Ch,000h,000h,083h,0C4h,004h
db 00Fh,088h,095h,0FFh,0FFh,0FFh,00Fh,089h,08Fh,0FFh,0FFh,0FFh,073h,0EBh,00Bh,072h
db 065h,067h,069h,073h,074h,065h,072h,065h,064h,000h,00Fh,088h,007h,000h,000h,000h
db 00Fh,089h,001h,000h,000h,000h,0A1h
end;
// junk instruction end
while (MatchesIndex > 1) and (Result > 0) do
begin
Result := _PosForward(Substr, S, Result + 1, LenOfSubstr, LenOfS);
// junk instruction begin
asm
jz @1
jnz @1
db $9a
db $e8
@1:
end;
// junk instruction end
if Result = 0 then
Exit;
// junk instruction begin
asm
db 0EBh, 1, 0Fh, 31h
db 0F0h, 0EBh, 0Ch, 33h
db 0C8h, 0EBh, 3, 0EBh
db 9, 0Fh, 59h, 74h
db 5, 75h, 0F8h, 51h
db 0EBh, 0F1h
end;
// junk instruction end
Dec(MatchesIndex);
// junk instruction begin
asm
jz @1
jnz @1
db $e8
@1:
end;
// junk instruction end
end;
end;
As you can see, the whole structure has been changed. It looks quite different from the original one. CodeMorph Delhi Code Obsfucator has inserted junk instructions into the source code. It has hidden the execution logic of the program. So, it will be quite difficult for hackers to understand and alter the code. In this way, the obfuscator enables you to protect your source code from attackers effectively.
Should I consider using CodeMorph Code Obfuscator?
CodeMorph Delphi Code Obfuscator generates and inserts junk code into your program randomly. As a result, it becomes very difficult for the attackers to reverse-engineer the code that you have produced. You can keep your Delphi application safe from security threats. If you’re looking to make it harder for illicit outfits to reverse engineer and examine how your code works then I think you might want to seriously consider taking a look at CodeMorph Delphi Code Obfuscator.
Next, find out how you can convert Int to String C++ in this article about Modern C++ Software.
RAD Studio is an all-round development environment full to the brim with great features designed to get you developing powerful apps for Windows, macOS, iOS and Android rapidly and efficiently, Why not download a trial copy today?
Reduce development time and get to market faster with RAD Studio, Delphi, or C++Builder.
Design. Code. Compile. Deploy.
Free Delphi Community Edition Free C++Builder Community Edition
Excellent👍
oops! there’s just no way to download the trail version of the tool from the website,that’s sad
Incorrect. Go to this page and you can download the trial version (I just tried it). http://www.sourceformat.com/download-codemorph.html
Download does not work.
Yes it seems like something is wrong with their website. I’ve sent them a note letting them know.
Are there other software similar to these that do things like creating spaghetti code, encrypting strings, adding junk code, etc., to make the task of reverse engineering more difficult?
What you are describing is called obfuscation.
It’s not normally necessary with Delphi code – it’s much less resistant to decompilation than languages based on the .Net platform and especially better than Python. However, there is a discussion here on Stack Overflow which has some tips about it: https://stackoverflow.com/questions/6225081/when-and-how-should-i-obfuscate-my-delphi-code