Body Mutation

Understanding the protection

Body mutations are a set of techniques used in code obfuscation to protect intellectual property and make it more difficult for attackers to reverse engineer and understand the underlying code. These techniques include constant decomposition, code mangling, and function outlining, among others.

Constant decomposition is a technique that breaks down constant values into multiple smaller parts and stores them in different locations in the code. This makes it difficult for attackers to identify and extract these values, thus protecting the intellectual property embedded in them.

Code mangling is another technique that involves modifying variables, functions, and other code elements to make them less readable and recognizable. This makes it difficult for attackers to understand the code and its functionality, thus protecting the intellectual property contained in it.

Function outlining is a technique that involves extracting common code blocks and placing them in separate functions. This not only improves the code's readability and maintainability, but also makes it harder for attackers to understand the code's functionality and extract its intellectual property.

Overall, body mutations offer several advantages in terms of code obfuscation and IP protection.

Before Obfuscation:

        public static void Main(string[] args) {
          int i, sum = 0, n;
          Console.Write("Enter the Nth Number : ");
          n = int.Parse(Console.ReadLine());
          for (i = 0; i <= n; i++) {
            sum = sum + i;
          }
          Console.WriteLine("\nSum of N Numbers : " + sum);
          Console.ReadLine();
        }

After Obfuscation:

!(~(((((((*(int*)(obj.>)._}}_<_>{>( + 8) & 577869) ^ (*(int*)(obj.>)._}}_<_>{>( + 8) ^ 736216)) != 735706) ? -348746744 : -811) ^ *(int*)(obj.>)._}}_<_>{>( + 8)) + *(int*)(obj.>)._}}_<_>{>( + 4) - *(int*)(obj.>)._}}_<_>{>( + 4) | *(int*)(obj.>)._}}_<_>{>( + 4)) > ((((((*(int*)(obj.>)._}}_<_>{>( + 8) | 25303) ^ (*(int*)(obj.>)._}}_<_>{>( + 8) & 258408)) != 25303) ? -833691950 : 802) ^ *(int*)(obj.>)._}}_<_>{>( + 8)) + *(int*)(obj.>)._}}_<_>{>( + 4) & *(int*)(obj.>)._}}_<_>{>( + 4)) * ((((*(int*)(obj.>)._}}_<_>{>( + 8) + 911987 & (*(int*)(obj.>)._}}_<_>{>( + 8) ^ 188070)) != 52524) ? -1018579007 : 800) ^ *(int*)(obj.>)._}}_<_>{>( + 8))) & (10.681713f / (float)(*(int*)(obj.>)._}}_<_>{>( + 4)) & (float)(*(int*)(obj.>)._}}_<_>{>( + 4)) & (float)(((*(int*)(obj.>)._}}_<_>{>( + 8) + 115805 + (*(int*)(obj.>)._}}_<_>{>( + 8) + 754033) != 871396) ? -1195773132 : 778) ^ *(int*)(obj.>)._}}_<_>{>( + 8))) < (-7.0337505f * (float)(*(int*)(obj.>)._}}_<_>{>( + 4)) + (float)((((*(int*)(obj.>)._}}_<_>{>( + 8) & 375784 & *(int*)(obj.>)._}}_<_>{>( + 8) + 612283) != 512) ? 1057956446 : 840) ^ *(int*)(obj.>)._}}_<_>{>( + 8)) ^ (float)(*(int*)(obj.>)._}}_<_>{>( + 4))))

Exploring the different settings

Due to Body Mutation being a composition of features rather than a single feature, you are allowed to tune the obfuscation parameters.

Performance Mode

The performance mode will remove the more resilient techniques in an effort to keep the original performance of the method or application.

Intensity

The intensity sets the complexity of the injected arithmetic and logical functions, this setting increases the potency of the protection.

Complex CFG

The Complex CFG Mode inserts a set of new techniques that will increase the resilience and potency levels.

Enhanced Integrity

The enhanced integrity setting will add extra self-integrity and defensive checks against unwanted tampering and analysis of the application.

String Melting

The String Melting option melts, mutates, and encrypts the strings stored in your application. The potency and resilience levels are increased.