Friday, January 30, 2009

Babel 1.4 Released

After a week spent on testing babel 1.4 I have decided to release the binaries.
I am quite happy about the tests results. Unfortunatly 64 bit support is not complete: I have found that executables once obfuscated run always in WOW64. Whereas dlls seem to run into 64 bit environment if obfuscated without inserting invalid opcodes. Seem that something is wrong into the PE executable so that the OS loader force the WOW64 subsystem to start. Untill now I don't have understood the reason completely so the 64 bit support for now is dalayed.



Thursday, January 22, 2009

Next 1.4 Release

Long time has passed from release 1.3 and now the new release of babel is close to be released. I hope to close all the tests in this week and upload the 1.4 binaries at the begin of next one.
I would like to thanks all the people that download babel. Thank you for your support and for the time you spend to report to me bugs and feelings.

The 1.4 release have some major changes from previous release:

First of all the obfuscator engine was totally rewritten and this took a lot of time to deveop and test. This new engine fix some bugs that occurred with obfuscation of generic types and also introduce obfuscation of generic type arguments. The new engine was tested also with the code autogenerated  by LINQ query and it seem to perform very well. 
The major improvement is the introduction of obfuscator agent. The agent performs a code static analysis before obfuscation process to find all the symbols that should not to be obfuscated because they will probably break the resulting obfuscated assembly. Agent should improve obfuscation reliability without using rule files (that are also important and of course not removed in this new version).
Another improvement is in string encryption. Now it is possible to encrypt string of assembly where you don't have access to the source code. In version 1.3 string encryption was possible only by inserting two methods into the assembly suited to encrypt and decrypt strings. Although this custom encryption offers a good protection, it is impossible to use when the source code is not available. So when encrypting strings of assemblies that are not proprietary, babel insert a custom decryption method into the obfuscated target.

Also 64 bit fans will enjoy this new version because I have inserted the capability to disable injection of bad IL opcodes so that it is possible to run agnostic CPU asseblies into 64 bit OS (see issue 8).

Another major feature of version 1.4 are XML mapping files. I have to say that is a preview that should need more attention in future release. Mapping files should contains enough information to reconstruct obfuscated call stack. Presently I have not developed an application able to decrypt stack trace but mapping file are a first step towards this aim.

Ok, I hope you like next babel version 1.4. 

Best Regards