通过混淆实践进行通用设计?
您看到混淆群体在设计中使用了哪些常见做法? 我发现参与不允许重写的项目很有趣,而这将是解决问题的更快、最有效的解决方案。
What are some common practices you have seen used in the design by obfuscation crowd? I find it interesting to be on projects that are not allowed to be rewritten while, that would be the faster and most efficient solution to the problem.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
我最喜欢的总是围绕变量......将不再使用的变量留在代码中,然后给它们提供所有无意义的名称。 当然,如果你真的想混淆的话,你必须小心避免几乎所有约定。 因此,完美的做法是拥有两个类似使用的变量,一个名为 myVar1,另一个名为 myVarOne。 诸如此类的东西...
另一种方法是包含仅在代码中可见的未使用的控件。 我盯着一个 ASP.NET 站点看了整整一个小时,试图找出为什么 FormView 被放入其中......(没有答案)。
My favorites always revolve around variables...leaving ones in the code that are no longer used, then giving them all meaningless names. Of course, you have to be careful to avoid nearly all convention if you really want to obfuscate. So, a perfect one would be to have two similarly used variables, one named myVar1, and another named myVarOne. Stuff like that...
Another one is to include un-used controls that are only visible within the code. I stared at one ASP.NET site for a good hour trying to figure out why a FormView was dropped into it..(there was no answer to that).
我曾经研究过 Perl 代码,其中作者决定让大多数子程序接收单个哈希值作为变量,并返回添加或删除数据的相同哈希值。 基本上,一个全局哈希用于通过不同的代码路径传递数据。
它看起来像这样:
直到今天我仍无法弄清楚他试图用它来实现什么设计模式。
我记得
$hash会很好地排列起来。I once worked on perl code where the author decided to have most of the subs receive a single hash as a variable and returned that same hash with data added or removed. Basically one global hash used to pass data through the different code paths.
It looked something like this:
To this day I can't figure out what design pattern he was trying to implement with this.
I remember the
$hashwould be lined up nicely.我们让一个与我们合作的人将文件存储在名为 /kensington 的文件夹中,以便“隐藏”它们。 它只包含一些他不希望看到的 xml 文件,并且认为人们不会查看其中的内容。
We had one person we worked with store files in a folder call /kensington in order to "hide" them. It just contained some xml files that he didnt want seen and figured people wouldn't look in there.
代码中没有或无用的注释,也没有有用的文档。
No or useless comments in the code along with no useful documentation.
我与一位程序员一起工作,他过去常常编写非常复杂的条件,当满足这些条件时,就会调用一个简单地完成系统的方法。 他在整个应用程序中这样做了数十次。 还是不知道为什么......
I worked with a programmer that used to write hugely complex conditions that when met would call a method that simply did a system out. He did this dozens of times throughout the entire app. Still not sure why....
我在那里想,设计良好的代码应该独立地被阅读,而不是被破译。
据我所知,我们鼓励关心混淆的人在其他环境中使用 dotfuscator 等工具及其等效工具。 混淆是指使代码更难反编译,而不仅仅是使其使用起来很痛苦。
为什么有人会故意设计可怕的代码(除了展示陷阱)我无法理解。
And there I was thinking that well designed code should stand up on its own to be read, not deciphered.
I understand that people who care about obfuscation are encouraged to use tools like dotfuscator and its equivalents in other environments. Obfuscation in the sense of making the code harder to decompile though, not just making it a pain to work with.
Why anyone would deliberately design horrible code (except to demonstrate the gotchas) is beyond me.