While I was scrolling through my old mails in search of a financial document, I found an interesting doc that I was working on a long time back and, for some unknown reason, wasn't able to continue. Here I am posting that unfinished work. I will try to cover the topics in detail in future.
To totally obscure with non-germane information in a verbose manner, with the intent to provide a non-answer, and provide total befuddlement.
“Any hacker worth his salt is an artist in obfuscation”.
In network security, obfuscation refers to methods used to obscure an attack payload from inspection by network protection systems.
Encryption vs Obfuscation
Obfuscation, in general, describes a practice that is used to intentionally make something more difficult to understand. In a programming context, it means to make code harder to understand or read, generally for privacy or security purposes. A tool called an obfuscator is sometimes used to convert a straightforward program into one that works the same way but is much harder to understand.
Encryption is the manipulation of data to prevent accurate interpretation by all but those for whom the data is intended. Financial institutions use encryption to increase the security of data transmitted via the Internet.
Methods of obfuscation
There are many varieties of interesting obfuscations, ranging from simple keyword substitution to the use or non-use of whitespace to create artistic effects.
Obfuscation by code morphing
This is achieved by completely replacing a section of the compiled code with an entirely new block that expects the same machine state when it begins execution as the original section did, and leaves the same machine state after execution as the original. The new block, however, also completes a number of additional operations, and replaces some of the original operations with others that have an equivalent effect.
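The invariant described above (same machine state in, same machine state out) can be checked by running both blocks on the same inputs. The following is an added example, not code from the original post; the three-register toy machine, its opcodes and the ORIGINAL, MORPHED and BROKEN blocks are all constructed for illustration, and the machine models no flags or memory.

```python
import random

MASK = 0xFFFFFFFF  # toy machine: 32-bit registers r0..r2 and a stack, no flags

def run(block, state):
    """Execute (op, dst, src) tuples on a copy of the registers; return (regs, stack)."""
    regs, stack = dict(state), []
    for op, dst, src in block:
        val = regs[src] if isinstance(src, str) else src  # register name or immediate
        if op == "mov":
            regs[dst] = val
        elif op == "add":
            regs[dst] = (regs[dst] + val) & MASK
        elif op == "sub":
            regs[dst] = (regs[dst] - val) & MASK
        elif op == "xor":
            regs[dst] ^= val
        elif op == "not":
            regs[dst] = ~regs[dst] & MASK
        elif op == "push":
            stack.append(regs[dst])
        elif op == "pop":
            regs[dst] = stack.pop()
        else:
            raise ValueError(f"unknown op {op!r}")
    return regs, stack

ORIGINAL = [("add", "r0", "r1")]

# Constructed morph: r0 - ~r1 - 1 == r0 + r1 (mod 2**32). r2 is saved and restored,
# and the paired xor on r1 is an additional operation that cancels itself out.
MORPHED = [
    ("push", "r2", None), ("mov", "r2", "r1"), ("not", "r2", None),
    ("sub", "r0", "r2"), ("sub", "r0", 1),
    ("xor", "r1", 0x5A5A5A5A), ("xor", "r1", 0x5A5A5A5A),
    ("pop", "r2", None),
]
BROKEN = MORPHED[1:-1]  # same arithmetic, but the scratch register r2 is clobbered

def first_mismatch(block_a, block_b, trials=2000, seed=1):
    """Differentially test two blocks; return an input state where they differ, else None."""
    rng = random.Random(seed)
    edge = [0, 1, MASK, 0x80000000]  # boundary values mixed in with random ones
    for i in range(trials):
        pick = (lambda: rng.choice(edge)) if i % 4 == 0 else (lambda: rng.getrandbits(32))
        state = {r: pick() for r in ("r0", "r1", "r2")}
        if run(block_a, state) != run(block_b, state):
            return state
    return None
```

Random testing of this kind can only fail to find a difference; it does not prove the two blocks equivalent for every input.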
Obfuscation in malicious software
The purpose of trail obfuscation is to confuse, disorientate and divert the forensic examination process. Trail obfuscation covers a variety of techniques and tools that include “log cleaners, spoofing, misinformation, backbone hopping, zombied accounts, trojan command”.
Advantages of obfuscation
Intellectual property protection
Disadvantages of obfuscation
When used alone
At best, obfuscation merely makes it time-consuming, but not impossible, to reverse engineer a program. When security is important, measures other than obfuscation should be used.
Obfuscated code is extremely difficult to debug. Variable names will no longer make sense, and the structure of the code itself will likely be modified beyond recognition. This fact generally forces developers to maintain two builds:
Obfuscated code often depends on the particular characteristics of the platform and compiler, making it difficult to manage if either changes.
Obfuscation for Evasion
Protection provided by security devices can be bypassed by obfuscating the exploit/shellcode. Some of the known methods are: