C++11 Metaprogramming Applied to Software Obfuscation

Presented at Black Hat Europe 2014, Oct. 17, 2014, 3:30 p.m. (60 minutes).

The C++ language and its siblings like C and Objective-C are ones of the most used languages today. Significant portions of operating systems like Windows, Linux, Mac OS X, iOS and Android are written in C and C++. There is however a fact that is little known about C++: it contains a Turing-complete sub-language executed at compile time. It is called C++ template metaprogramming (not to be confounded with the C preprocessor and macros) and is close to functional programming.

During this talk, I will show how to use this language to generate, at compile time, obfuscated code without using any external tool and without modifying the compiler. The techniques presented rely only on C++11, as standardized by ISO. I will also show how to introduce some form of randomness to generate polymorphic code and I will give some concrete examples like the encryption of strings literals or the obfuscation of calls using finite state machines generated at compile time.

All the examples presented will be released under GitHub.


Presenters:

  • Sebastien Andrivet
    Sebastien has been playing with computers since the beginning of the '80s. After spending some years with 8-bit processor assembly programming, he specialized in the 90 in C/C++ and i386 assembly on Win/Intel. During the Internet years, he participated in several startups and released some open source software, including a multi-platform XML parser written in C++. At this time, he was confronted by software pirates and the world of buffer overflows and SQL injections. In 2002, he switched to applications security and forensics and co-founded ADVTOOLS in Geneva. Since June 2014, he has worked as a security engineer for SCRT, a swiss company near Lausanne. He is also involved in feminine initiatives around Information Technologies and cyberfeminist groups.

Links:

Similar Presentations: