[HN Gopher] Obfuscating Lua (2019)
___________________________________________________________________
Obfuscating Lua (2019)
Author : shakna
Score : 19 points
Date : 2023-11-15 09:39 UTC (13 hours ago)
(HTM) web link (gist.github.com)
(TXT) w3m dump (gist.github.com)
| tromp wrote:
| This is not a very interesting form of obfuscation, replacing
| each primitive of a straightforward program by some very
| convoluted code that evaluates to that primitive. Resulting in a
| huge program doing a simple thing. This kind of obfuscation can
| be easily automated, but so can the corresponding unobfuscation.
|
| A more impressive form of obfuscation can be seen in the
| International Obfuscated C Code contest, where the
| straightforward program is replaced by a much shorter one that
| performs many ingenious tricks to achieve the same goal with a
| minimum of code. For example, a prime number sieve written as
| import sys def c(j,t):
| sys.stdout.write(j('.')('P')) return t (lambda
| z:lambda y:z(z(y(lambda p:lambda n:(lambda s:lambda z:z(lambda x:
| lambda y:y)(lambda d:p(s)(y(s))(d)))(lambda x:lambda a:lambda
| s:lambda p: p(a)(lambda y:s(n(x))(y))))(lambda c:lambda
| a:lambda s:z(lambda y:s(c)(y) ))))(y(lambda p:lambda
| b:lambda t:t(c(b,p)))))(lambda s:lambda p:p(lambda
| x:lambda y:x)(s))(lambda f:(lambda q:q(q))(lambda x:f(lambda
| y:x(x)(y))))
|
| which is a Python rendition of the lambda calculus expression l
| (l 1 (1 ((l 1 1) (l l l 1 (l l 1) ((l 4 4 1 ((l 1 1) (l 2 (1
| 1)))) (l l l l 1 3 (2 (6 4))))) (l l l 4 (1 3))))) (l l 1 (l l 2)
| 2).
|
| That kind of obfuscation takes great human effort both to achieve
| and to unravel.
|
| [1] https://en.wikipedia.org/wiki/Obfuscation_(software)
| sllabres wrote:
| Yes, but automatic obfuscation can be interesting, if not only
| simple substitution methods presented here.
|
| E.g. something like [1] (Devirtualizing Nike.com's Bot
| Protection) discussed here [2]. Or something like this [3]
| (Analysis of Obfuscation Techniques Found in Apple FairPlay)
|
| [1] https://www.nullpt.rs/devirtualizing-nike-vm-1
|
| [2] https://news.ycombinator.com/item?id=34285747
|
| [3] https://news.ycombinator.com/item?id=37307653
| dave84 wrote:
| Somewhat tangential, pakettic[0] is a minifier for TIC-80
| cartridges (a fantasy console) that use genetic algorithms to
| minimise and rearrange the Lua code to compress better in
| sizecoded demoscene competitions.
|
| [0] https://github.com/vsariola/pakettic
| synergy20 wrote:
| for lua, compile to luac is a cheap way to hide the source to me
| tarruda wrote:
| I think it is pretty simple to decompile Lua bytecode
| theultdev wrote:
| Stripping out debug info is usually good enough unless you're
| hiding a name check or something.
|
| Sometimes you just don't want someone to be able to easily
| iterate on your script (grab a script, modify and resell)
| hedidntdoit wrote:
| Why do lua developers love to write code that marches towards the
| right edge of infinity? Love love love that it's considered
| "optimized".
|
| There is zero reason for the embedded conditionals.
___________________________________________________________________
(page generated 2023-11-15 23:01 UTC)