
Has it ever been used against reverse engineering in the wild? Its lack of compiler features (it's based on lcc IIRC) and the sheer slowness of any operation makes it quite unsuitable for production usage.



In my case, it's sort of a yes and no. I reverse engineered partly, but I was only looking to replace whole function calls.

Company I came in as a contractor to... Sort of repair codebases and retrain staff, had a product they were getting paid buckets to support.

Unfortunately, someone had broken the codebase quite severely, and they weren't using version control. All we had was a movfuscated release (yay for paranoid managers who go to tech conferences), but needed to fix a certain feature ASAP.

So I used demovfuscator, someone's memory of what the code once looked like, and some ASM know-how to tear out references to the old and inject the new. Took a couple months of going nowhere fast, but I was pretty far out of my depth.

They don't use movfuscator anymore.


Every time I see someone say no version control I do a double take. Hopefully you managed to convince them to start it?


... No... The best I could convince was a regular rsync backup at end of day... You win some, you lose some.


To be honest, rsync sounds like a big win in that group... sheesh.

Good work all around.


The comment you're referring to implies yes, and it's often applied to very specific pieces of code instead of the entire program.

I have also seen a similar obfuscation, although perhaps not using The Movfuscator, many years ago in some shareware. You could probably guess which parts of the code used it; it even looks very distinctive when you open the binary in a text editor for a quick glance.



