[Closed] MXS code obfuscation
Does anyone know of any tools that can robustly perform code obfuscation for MAXScript code? This is not really about copy protection but more about protecting algorithms and many months of R&D. Obfuscation can be reverted, sure, but if done right it will be pretty slow and costly.
So far, I found many tools for PHP, JavaScript, or .Net and I wonder how difficult it would be to adopt one of those to work with MAXScript code?
What other programming language is closest to MAXScript? Lua?
And finally I wonder whether one could leverage the syntax highlighting capabilities in Notepad++ or Sublime for this?
Thanks for any insights
– MartinB
Hi there,
I have no idea about code obfuscation for MAXScript, but I have made a syntax definition for notepadd++. It is not complete, but you can add missing things when you open it as a user-defined language.
If you don’t like it, search in Google for it, there are some people that already did something like that.
Kind regards!
maybe …maybe …c# n vb…i think…the style in maxscript free style is like vb…
I think you would have to write your own tools for MXS obfuscation
I brievly thought about that topic half a year ago, and the only things i came up with were:
Write a text processing tool (maybe based on lex, YACC or similar) that makes your source as hard to read as possible, but still compiles in the maxscript compiler.
- convert all tabs, multiple spaces, formatting etc. to single space
- fit functions into single lines using ; ( if possible )
- convert all variable names ( including function names ) to GUID style
- insert blocks dummy code automatically ( which never gets run or called of course )
etc…
main problem is that encrypted scripts can be decrypted and people peek into the source
now your only option is making the source as hard to read as possible…
if the your core algorithms are that important to you the best and easiest way to obfuscate them is to put them in a compiled plugin.
There are tools out there that do c# obfuscation (I think even in VS there such a tool), you could write a c# assembly or maxplus maybe and obfuscate that?
-Johan
there is a ‘big industry’ of hacking, cracking, decrypting, and refactoring of .net (c#, VB) codes… probably bigger than for any other languages. more or less good obfuscators are not free and can be pretty expensive ($500-$5000).
i’m agree with people on this thread who says that the better solution is compiled c++ code. it doesn’t guaranty full protection but at least it makes a hacker spends more time to crack it.
which makes sometimes no sense to crack a thing spending hours (money) than just buy it for 20-50 bucks.
lex, yacc, compiled plugin, c#… I was hoping this would not require a re-write.
I took a stab at parsing a .ms file but this really needs to be done right, otherwise there are just too many failure cases.
Josef, what is ‘GUID style’ for functions?
And yes, this all comes from the ease of decrypting .mse
– MartinB
also i think that not many clients want to share a thing what they paid for. using a simple licensing you can easy determine a ‘source of leaking’ if so.
Thanks all for the comments.
As I said, this is not about stopping some hardcore hacker, and also not about preventing the tool to be copied/used, but rather to protect some algorithms. Re-writing those as C++ plugin is not a solution as it would require installing a plugin that needs recompilation with every other release. Also, to convert the algorithms into SDK code would take too much time.
– MartinB
if you want to make only understanding how your algorithm works as hard as possible only by reading it probably it's possible... you have to write this piece of cod a little specific, following some rules to make it easier for 'uglifying' :)
for example:
source:
fn blendMatrix m1: m2: weight:0.5 =
(
fn dotQuat q q_prev = (q.w * q_prev.w + q.x * q_prev.x + q.y * q_prev.y + q.z * q_prev.z)
local r1 = m1.rotation
local r2 = m2.rotation
if (dotQuat r1 r2) < 0 do r1 *=-1
local r = slerp (normalize r1) (normalize r2) weight
local t = m1.pos + (m2.pos - m1.pos) * weight
local s = m1.scale + (m2.scale - m1.scale) * weight
translate (rotate (scalematrix s) r) t
)
blendMatrix m1:(matrix3 1) m2:(matrix3 1) weight:0.0
after 'uglifying'
fn\--\********************************************************************************\
'ScjkMzrp3BrIBzBEln3I4g==''2wKt7IOkeYC9DJszleKK0g==':'snh5l17IyK1Q5YkIZ1VHWw==':'E9vZRm6Xb59iyzFSCsgJMA==':0.5=
(
'7M1ekLY0bycu2TvMyA+63Q=='=TRANSLATE;'rB9GDoMTCe7BqLpQh1TY8g=='=\
slerp;fn '7PUzWde+tArF10jn0kD80A==' 'RikZajcZ64nzUBLB9GLoGw==' 'xCl43hpKRELP8fn9YDtkpA==' = ('RikZajcZ64nzUBLB9GLoGw=='.w * 'xCl43hpKRELP8fn9YDtkpA=='.w+'RikZajcZ64nzUBLB9GLoGw=='.x*\
'xCl43hpKRELP8fn9YDtkpA=='.x+'RikZajcZ64nzUBLB9GLoGw=='.y*'xCl43hpKRELP8fn9YDtkpA=='.y+'RikZajcZ64nzUBLB9GLoGw=='.z*'xCl43hpKRELP8fn9YDtkpA=='.z)
'tsp9Aq/lUB7RyQG9lhd6kA=='=\
'2wKt7IOkeYC9DJszleKK0g=='.rotation;'TMRjdAITLEP9LEjk8tyFhg=='=normalize;'+XxwC7MPi3m6P2u7WOQhTg=='='snh5l17IyK1Q5YkIZ1VHWw=='.rotation
if('7PUzWde+tArF10jn0kD80A==''tsp9Aq/lUB7RyQG9lhd6kA==' '+XxwC7MPi3m6P2u7WOQhTg==')<0 do'tsp9Aq/lUB7RyQG9lhd6kA=='*=-1;'xWCIfBsGc+kL2gGBbsrJXg=='=\
--\************************************************************************************\
ROTATE;
'mMu7IJRfL1nFRGqV4Gegyw=='='rB9GDoMTCe7BqLpQh1TY8g=='('TMRjdAITLEP9LEjk8tyFhg==''tsp9Aq/lUB7RyQG9lhd6kA==')('TMRjdAITLEP9LEjk8tyFhg==''+XxwC7MPi3m6P2u7WOQhTg==')'E9vZRm6Xb59iyzFSCsgJMA=='
'nVrTR1xn2GdkI11g24O6UA=='='2wKt7IOkeYC9DJszleKK0g=='.pos+('snh5l17IyK1Q5YkIZ1VHWw=='.pos-'2wKt7IOkeYC9DJszleKK0g=='.pos)*'E9vZRm6Xb59iyzFSCsgJMA==';'C15+vrRHAW27eu8WnoyInw=='=scalematrix
'tbUzWQObPG/B4vN0FZv0ZQ=='='2wKt7IOkeYC9DJszleKK0g=='.scale+('snh5l17IyK1Q5YkIZ1VHWw=='.scale-'2wKt7IOkeYC9DJszleKK0g=='.scale)*'E9vZRm6Xb59iyzFSCsgJMA=='
'7M1ekLY0bycu2TvMyA+63Q=='('xWCIfBsGc+kL2gGBbsrJXg=='('C15+vrRHAW27eu8WnoyInw==''tbUzWQObPG/B4vN0FZv0ZQ==')\
'mMu7IJRfL1nFRGqV4Gegyw==')'nVrTR1xn2GdkI11g24O6UA==')
'ScjkMzrp3BrIBzBEln3I4g==''2wKt7IOkeYC9DJszleKK0g==':\
(matrix3 1)\
'snh5l17IyK1Q5YkIZ1VHWw==':\
(matrix3 1)\
'E9vZRm6Xb59iyzFSCsgJMA==':0000000000000000000000000000000.0
nice, is not it? :)
ps. in some place added ‘extra’ spaces…
for example ‘rB9GDoMTCe7BqLpQh1TY8g ==’ has to be ‘rB9GDoMTCe7BqLpQh1TY8g==’
but i swear the code works! and there is no any performance difference