├── .gitignore
├── LICENSE
├── README.md
├── RTTIObfuscator.sln
├── RTTIObfuscator.vcxproj
├── RTTIObfuscator.vcxproj.filters
├── packages.config
└── src
    └── main.cpp


/.gitignore:
--------------------------------------------------------------------------------
  1 | ## Ignore Visual Studio temporary files, build results, and
  2 | ## files generated by popular Visual Studio add-ons.
  3 | ##
  4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
  5 | 
  6 | # User-specific files
  7 | *.suo
  8 | *.user
  9 | *.userosscache
 10 | *.sln.docstates
 11 | 
 12 | # User-specific files (MonoDevelop/Xamarin Studio)
 13 | *.userprefs
 14 | 
 15 | # Build results
 16 | [Dd]ebug/
 17 | [Dd]ebugPublic/
 18 | [Rr]elease/
 19 | [Rr]eleases/
 20 | x64/
 21 | x86/
 22 | bld/
 23 | [Bb]in/
 24 | [Oo]bj/
 25 | [Ll]og/
 26 | 
 27 | # Visual Studio 2015 cache/options directory
 28 | .vs/
 29 | # Uncomment if you have tasks that create the project's static files in wwwroot
 30 | #wwwroot/
 31 | 
 32 | # MSTest test Results
 33 | [Tt]est[Rr]esult*/
 34 | [Bb]uild[Ll]og.*
 35 | 
 36 | # NUNIT
 37 | *.VisualState.xml
 38 | TestResult.xml
 39 | 
 40 | # Build Results of an ATL Project
 41 | [Dd]ebugPS/
 42 | [Rr]eleasePS/
 43 | dlldata.c
 44 | 
 45 | # .NET Core
 46 | project.lock.json
 47 | project.fragment.lock.json
 48 | artifacts/
 49 | **/Properties/launchSettings.json
 50 | 
 51 | *_i.c
 52 | *_p.c
 53 | *_i.h
 54 | *.ilk
 55 | *.meta
 56 | *.obj
 57 | *.pch
 58 | *.pdb
 59 | *.pgc
 60 | *.pgd
 61 | *.rsp
 62 | *.sbr
 63 | *.tlb
 64 | *.tli
 65 | *.tlh
 66 | *.tmp
 67 | *.tmp_proj
 68 | *.log
 69 | *.vspscc
 70 | *.vssscc
 71 | .builds
 72 | *.pidb
 73 | *.svclog
 74 | *.scc
 75 | 
 76 | # Chutzpah Test files
 77 | _Chutzpah*
 78 | 
 79 | # Visual C++ cache files
 80 | ipch/
 81 | *.aps
 82 | *.ncb
 83 | *.opendb
 84 | *.opensdf
 85 | *.sdf
 86 | *.cachefile
 87 | *.VC.db
 88 | *.VC.VC.opendb
 89 | 
 90 | # Visual Studio profiler
 91 | *.psess
 92 | *.vsp
 93 | *.vspx
 94 | *.sap
 95 | 
 96 | # TFS 2012 Local Workspace
 97 | $tf/
 98 | 
 99 | # Guidance Automation Toolkit
100 | *.gpState
101 | 
102 | # ReSharper is a .NET coding add-in
103 | _ReSharper*/
104 | *.[Rr]e[Ss]harper
105 | *.DotSettings.user
106 | 
107 | # JustCode is a .NET coding add-in
108 | .JustCode
109 | 
110 | # TeamCity is a build add-in
111 | _TeamCity*
112 | 
113 | # DotCover is a Code Coverage Tool
114 | *.dotCover
115 | 
116 | # Visual Studio code coverage results
117 | *.coverage
118 | *.coveragexml
119 | 
120 | # NCrunch
121 | _NCrunch_*
122 | .*crunch*.local.xml
123 | nCrunchTemp_*
124 | 
125 | # MightyMoose
126 | *.mm.*
127 | AutoTest.Net/
128 | 
129 | # Web workbench (sass)
130 | .sass-cache/
131 | 
132 | # Installshield output folder
133 | [Ee]xpress/
134 | 
135 | # DocProject is a documentation generator add-in
136 | DocProject/buildhelp/
137 | DocProject/Help/*.HxT
138 | DocProject/Help/*.HxC
139 | DocProject/Help/*.hhc
140 | DocProject/Help/*.hhk
141 | DocProject/Help/*.hhp
142 | DocProject/Help/Html2
143 | DocProject/Help/html
144 | 
145 | # Click-Once directory
146 | publish/
147 | 
148 | # Publish Web Output
149 | *.[Pp]ublish.xml
150 | *.azurePubxml
151 | # TODO: Comment the next line if you want to checkin your web deploy settings
152 | # but database connection strings (with potential passwords) will be unencrypted
153 | *.pubxml
154 | *.publishproj
155 | 
156 | # Microsoft Azure Web App publish settings. Comment the next line if you want to
157 | # checkin your Azure Web App publish settings, but sensitive information contained
158 | # in these scripts will be unencrypted
159 | PublishScripts/
160 | 
161 | # NuGet Packages
162 | *.nupkg
163 | # The packages folder can be ignored because of Package Restore
164 | **/packages/*
165 | # except build/, which is used as an MSBuild target.
166 | !**/packages/build/
167 | # Uncomment if necessary however generally it will be regenerated when needed
168 | #!**/packages/repositories.config
169 | # NuGet v3's project.json files produces more ignorable files
170 | *.nuget.props
171 | *.nuget.targets
172 | 
173 | # Microsoft Azure Build Output
174 | csx/
175 | *.build.csdef
176 | 
177 | # Microsoft Azure Emulator
178 | ecf/
179 | rcf/
180 | 
181 | # Windows Store app package directories and files
182 | AppPackages/
183 | BundleArtifacts/
184 | Package.StoreAssociation.xml
185 | _pkginfo.txt
186 | 
187 | # Visual Studio cache files
188 | # files ending in .cache can be ignored
189 | *.[Cc]ache
190 | # but keep track of directories ending in .cache
191 | !*.[Cc]ache/
192 | 
193 | # Others
194 | ClientBin/
195 | ~$*
196 | *~
197 | *.dbmdl
198 | *.dbproj.schemaview
199 | *.jfm
200 | *.pfx
201 | *.publishsettings
202 | orleans.codegen.cs
203 | 
204 | # Since there are multiple workflows, uncomment next line to ignore bower_components
205 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
206 | #bower_components/
207 | 
208 | # RIA/Silverlight projects
209 | Generated_Code/
210 | 
211 | # Backup & report files from converting an old project file
212 | # to a newer Visual Studio version. Backup files are not needed,
213 | # because we have git ;-)
214 | _UpgradeReport_Files/
215 | Backup*/
216 | UpgradeLog*.XML
217 | UpgradeLog*.htm
218 | 
219 | # SQL Server files
220 | *.mdf
221 | *.ldf
222 | *.ndf
223 | 
224 | # Business Intelligence projects
225 | *.rdl.data
226 | *.bim.layout
227 | *.bim_*.settings
228 | 
229 | # Microsoft Fakes
230 | FakesAssemblies/
231 | 
232 | # GhostDoc plugin setting file
233 | *.GhostDoc.xml
234 | 
235 | # Node.js Tools for Visual Studio
236 | .ntvs_analysis.dat
237 | node_modules/
238 | 
239 | # Typescript v1 declaration files
240 | typings/
241 | 
242 | # Visual Studio 6 build log
243 | *.plg
244 | 
245 | # Visual Studio 6 workspace options file
246 | *.opt
247 | 
248 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
249 | *.vbw
250 | 
251 | # Visual Studio LightSwitch build output
252 | **/*.HTMLClient/GeneratedArtifacts
253 | **/*.DesktopClient/GeneratedArtifacts
254 | **/*.DesktopClient/ModelManifest.xml
255 | **/*.Server/GeneratedArtifacts
256 | **/*.Server/ModelManifest.xml
257 | _Pvt_Extensions
258 | 
259 | # Paket dependency manager
260 | .paket/paket.exe
261 | paket-files/
262 | 
263 | # FAKE - F# Make
264 | .fake/
265 | 
266 | # JetBrains Rider
267 | .idea/
268 | *.sln.iml
269 | 
270 | # CodeRush
271 | .cr/
272 | 
273 | # Python Tools for Visual Studio (PTVS)
274 | __pycache__/
275 | *.pyc
276 | 
277 | # Cake - Uncomment if you are using it
278 | # tools/**
279 | # !tools/packages.config
280 | 
281 | # Telerik's JustMock configuration file
282 | *.jmconfig
283 | 
284 | # BizTalk build output
285 | *.btp.cs
286 | *.btm.cs
287 | *.odx.cs
288 | *.xsd.cs


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2017 koemeet
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy of
 6 | this software and associated documentation files (the "Software"), to deal in
 7 | the Software without restriction, including without limitation the rights to
 8 | use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
 9 | the Software, and to permit persons to whom the Software is furnished to do so,
10 | subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
17 | FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
18 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
19 | IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 | CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
21 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # C++ RTTI Obfuscator
 2 | Obfuscates all RTTI (Run-time type information) inside a binary so AC's can't catch you on it.
 3 | 
 4 | ### Usage
 5 | You can simply drop any binary into it and it outputs the obfuscated binary in `<relative-dir>/<filename>.tan.<extension>`.
 6 | 
 7 | It can also be used on the command line by simply providing the path to the input binary as its first argument:
 8 | ```
 9 | $ rtti-obfuscator <path-to-binary>
10 | ```
11 | 
12 | ### Preview
13 | 
14 | This is how a binary would look without any RTTI obfuscation:
15 | ![](https://i.gyazo.com/5621b2402351cf9c47e1fd406b09d199.png)
16 | 
17 | Now when ran through the obfuscator, it will turn into this:
18 | ![](https://i.gyazo.com/44724ac7089db578abfd242ab7a474ec.png)
19 | 
20 | ### Download
21 | Get the latest binary from https://github.com/koemeet/rtti-obfuscator/releases.
22 | 


--------------------------------------------------------------------------------
/RTTIObfuscator.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 12.00
 3 | # Visual Studio 14
 4 | VisualStudioVersion = 14.0.25420.1
 5 | MinimumVisualStudioVersion = 10.0.40219.1
 6 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "RTTIObfuscator", "RTTIObfuscator.vcxproj", "{3511B035-D097-4F24-BF47-7B29359FC551}"
 7 | EndProject
 8 | Global
 9 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | 		Debug|x64 = Debug|x64
11 | 		Release|x64 = Release|x64
12 | 	EndGlobalSection
13 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | 		{3511B035-D097-4F24-BF47-7B29359FC551}.Debug|x64.ActiveCfg = Debug|x64
15 | 		{3511B035-D097-4F24-BF47-7B29359FC551}.Debug|x64.Build.0 = Debug|x64
16 | 		{3511B035-D097-4F24-BF47-7B29359FC551}.Release|x64.ActiveCfg = Release|x64
17 | 		{3511B035-D097-4F24-BF47-7B29359FC551}.Release|x64.Build.0 = Release|x64
18 | 	EndGlobalSection
19 | 	GlobalSection(SolutionProperties) = preSolution
20 | 		HideSolutionNode = FALSE
21 | 	EndGlobalSection
22 | EndGlobal
23 | 


--------------------------------------------------------------------------------
/RTTIObfuscator.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|x64">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>x64</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|x64">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>x64</Platform>
 11 |     </ProjectConfiguration>
 12 |   </ItemGroup>
 13 |   <PropertyGroup Label="Globals">
 14 |     <ProjectGuid>{3511B035-D097-4F24-BF47-7B29359FC551}</ProjectGuid>
 15 |     <Keyword>Win32Proj</Keyword>
 16 |     <RootNamespace>RTTIObfuscator</RootNamespace>
 17 |     <WindowsTargetPlatformVersion>8.1</WindowsTargetPlatformVersion>
 18 |   </PropertyGroup>
 19 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 20 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 21 |     <ConfigurationType>Application</ConfigurationType>
 22 |     <UseDebugLibraries>true</UseDebugLibraries>
 23 |     <PlatformToolset>v141</PlatformToolset>
 24 |     <CharacterSet>Unicode</CharacterSet>
 25 |   </PropertyGroup>
 26 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 27 |     <ConfigurationType>Application</ConfigurationType>
 28 |     <UseDebugLibraries>false</UseDebugLibraries>
 29 |     <PlatformToolset>v141</PlatformToolset>
 30 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 31 |     <CharacterSet>Unicode</CharacterSet>
 32 |   </PropertyGroup>
 33 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 34 |   <ImportGroup Label="ExtensionSettings">
 35 |   </ImportGroup>
 36 |   <ImportGroup Label="Shared">
 37 |   </ImportGroup>
 38 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 39 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 40 |   </ImportGroup>
 41 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 42 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 43 |   </ImportGroup>
 44 |   <PropertyGroup Label="UserMacros" />
 45 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 46 |     <LinkIncremental>true</LinkIncremental>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 49 |     <LinkIncremental>false</LinkIncremental>
 50 |   </PropertyGroup>
 51 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 52 |     <ClCompile>
 53 |       <PrecompiledHeader>
 54 |       </PrecompiledHeader>
 55 |       <WarningLevel>Level3</WarningLevel>
 56 |       <Optimization>Disabled</Optimization>
 57 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 58 |     </ClCompile>
 59 |     <Link>
 60 |       <SubSystem>Console</SubSystem>
 61 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 62 |     </Link>
 63 |   </ItemDefinitionGroup>
 64 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 65 |     <ClCompile>
 66 |       <WarningLevel>Level3</WarningLevel>
 67 |       <PrecompiledHeader>
 68 |       </PrecompiledHeader>
 69 |       <Optimization>MaxSpeed</Optimization>
 70 |       <FunctionLevelLinking>true</FunctionLevelLinking>
 71 |       <IntrinsicFunctions>true</IntrinsicFunctions>
 72 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 73 |     </ClCompile>
 74 |     <Link>
 75 |       <SubSystem>Console</SubSystem>
 76 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
 77 |       <OptimizeReferences>true</OptimizeReferences>
 78 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 79 |     </Link>
 80 |   </ItemDefinitionGroup>
 81 |   <ItemGroup>
 82 |     <ClCompile Include="src\main.cpp" />
 83 |   </ItemGroup>
 84 |   <ItemGroup>
 85 |     <None Include=".gitignore" />
 86 |     <None Include="packages.config" />
 87 |   </ItemGroup>
 88 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
 89 |   <ImportGroup Label="ExtensionTargets">
 90 |     <Import Project="packages\boost.1.65.1.0\build\native\boost.targets" Condition="Exists('packages\boost.1.65.1.0\build\native\boost.targets')" />
 91 |     <Import Project="packages\boost_regex-vc141.1.65.1.0\build\native\boost_regex-vc141.targets" Condition="Exists('packages\boost_regex-vc141.1.65.1.0\build\native\boost_regex-vc141.targets')" />
 92 |     <Import Project="packages\boost_filesystem-vc141.1.65.1.0\build\native\boost_filesystem-vc141.targets" Condition="Exists('packages\boost_filesystem-vc141.1.65.1.0\build\native\boost_filesystem-vc141.targets')" />
 93 |     <Import Project="packages\boost_system-vc141.1.65.1.0\build\native\boost_system-vc141.targets" Condition="Exists('packages\boost_system-vc141.1.65.1.0\build\native\boost_system-vc141.targets')" />
 94 |   </ImportGroup>
 95 |   <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
 96 |     <PropertyGroup>
 97 |       <ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them.  For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
 98 |     </PropertyGroup>
 99 |     <Error Condition="!Exists('packages\boost.1.65.1.0\build\native\boost.targets')" Text="$([System.String]::Format('$(ErrorText)', 'packages\boost.1.65.1.0\build\native\boost.targets'))" />
100 |     <Error Condition="!Exists('packages\boost_regex-vc141.1.65.1.0\build\native\boost_regex-vc141.targets')" Text="$([System.String]::Format('$(ErrorText)', 'packages\boost_regex-vc141.1.65.1.0\build\native\boost_regex-vc141.targets'))" />
101 |     <Error Condition="!Exists('packages\boost_filesystem-vc141.1.65.1.0\build\native\boost_filesystem-vc141.targets')" Text="$([System.String]::Format('$(ErrorText)', 'packages\boost_filesystem-vc141.1.65.1.0\build\native\boost_filesystem-vc141.targets'))" />
102 |     <Error Condition="!Exists('packages\boost_system-vc141.1.65.1.0\build\native\boost_system-vc141.targets')" Text="$([System.String]::Format('$(ErrorText)', 'packages\boost_system-vc141.1.65.1.0\build\native\boost_system-vc141.targets'))" />
103 |   </Target>
104 | </Project>


--------------------------------------------------------------------------------
/RTTIObfuscator.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Source Files">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Header Files">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;hm;inl;inc;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Resource Files">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <None Include=".gitignore" />
19 |     <None Include="packages.config" />
20 |   </ItemGroup>
21 |   <ItemGroup>
22 |     <ClCompile Include="src\main.cpp">
23 |       <Filter>Source Files</Filter>
24 |     </ClCompile>
25 |   </ItemGroup>
26 | </Project>


--------------------------------------------------------------------------------
/packages.config:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <packages>
3 |   <package id="boost" version="1.65.1.0" targetFramework="native" />
4 |   <package id="boost_filesystem-vc141" version="1.65.1.0" targetFramework="native" />
5 |   <package id="boost_regex-vc141" version="1.65.1.0" targetFramework="native" />
6 |   <package id="boost_system-vc141" version="1.65.1.0" targetFramework="native" />
7 | </packages>


--------------------------------------------------------------------------------
/src/main.cpp:
--------------------------------------------------------------------------------
  1 | #include <windows.h>
  2 | #include <iostream>
  3 | #include <fstream>
  4 | #include <sstream>
  5 | #include <algorithm>
  6 | #include <random>
  7 | #include <time.h>
  8 | #include <cstdlib>
  9 | #include <unordered_set>
 10 | 
 11 | #include <boost/regex.hpp>
 12 | #include <boost/filesystem.hpp>
 13 | 
 14 | using namespace std;
 15 | 
 16 | std::unordered_set<std::string> usedTypeNames;
 17 | 
 18 | std::string getRandomString(const int len) {
 19 | 	string s;
 20 | 	s.resize(len);
 21 | 
 22 | 	for (auto i = 0; i < len; ++i) {
 23 | 		// just pick a random byte
 24 | 		s[i] = rand() % 0xff;
 25 | 	}
 26 | 
 27 | 	s[len] = 0;
 28 | 	
 29 | 	return s;
 30 | }
 31 | 
 32 | int main(int argc, char* argv[])
 33 | {
 34 | 	cout << "===== RTTI obfuscator by koemeet =====" << endl;
 35 | 
 36 | 	srand(time(nullptr));
 37 | 
 38 | 	try 
 39 | 	{
 40 | 		if (argc < 2) 
 41 | 		{
 42 | 			throw std::exception("Please provide a path or drop a file into me.");
 43 | 		}
 44 | 
 45 | 		// path to input binary
 46 | 		string path = argv[1];
 47 | 
 48 | 		std::ifstream fs(path, std::fstream::binary);
 49 | 		if (fs.fail())
 50 | 		{
 51 | 			throw std::exception("Could not open source binary");
 52 | 		}
 53 | 
 54 | 		// read file contents
 55 | 		std::stringstream ss;
 56 | 		ss << fs.rdbuf();
 57 | 		auto contents = ss.str();
 58 | 
 59 | 		boost::regex reg(R"(\.(\?AV|PEAV)(.+?)@@\0)");
 60 | 
 61 | 		// replace RTTI types
 62 | 		contents = boost::regex_replace(contents, reg, [&](const boost::smatch& m)
 63 | 		{
 64 | 			auto prefix = m[1].str();
 65 | 			auto typeName = m[2].str();
 66 | 
 67 | 			auto length = 1 + prefix.size() + typeName.size() + 2;
 68 | 
 69 | 			// max length of the new type name
 70 | 			auto maxNewLength = 3;
 71 | 
 72 | 			// get a new random name untill we have one we never used before
 73 | 			std::string newTypeName;
 74 | 			do
 75 | 			{
 76 | 				newTypeName = getRandomString(length);
 77 | 				if (newTypeName.size() > maxNewLength)
 78 | 				{
 79 | 					memset(const_cast<char*>(newTypeName.data()) + maxNewLength, 0, length - maxNewLength);
 80 | 				}
 81 | 
 82 | 			} while (usedTypeNames.find(newTypeName) != usedTypeNames.end());
 83 | 
 84 | 			usedTypeNames.emplace(newTypeName);
 85 | 
 86 | 			return newTypeName + '\0';
 87 | 		});
 88 | 
 89 | 		// generate output path
 90 | 		boost::filesystem::path p(path);
 91 | 		auto outputPath = p.parent_path().string() + "\\" + p.stem().string() + p.extension().string();
 92 | 
 93 | 		// write to file
 94 | 		std::ofstream os(outputPath, std::ofstream::trunc | std::ofstream::binary);
 95 | 		if (!os.write(contents.data(), contents.size()))
 96 | 		{
 97 | 			throw std::exception((std::string("Unable to write to file ") + outputPath).c_str());
 98 | 		}
 99 | 		else
100 | 		{
101 | 			cout << "Successfully obfuscated RTTI information. Output written to " << outputPath << endl;
102 | 			system("pause");
103 | 		}
104 | 	} 
105 | 	catch (std::exception &e)
106 | 	{
107 | 		cout << e.what() << endl;
108 | 		system("pause");
109 | 		return 1;
110 | 	}
111 | 
112 |     return 0;
113 | }
114 | 


--------------------------------------------------------------------------------