MachObfuscator is a programming-language-agnostic tool for obfuscating Mach-O binaries on Apple platforms, targeting developers and security researchers seeking to hinder reverse engineering efforts. It operates by transforming symbol names within Mach-O files without requiring source code access, offering a method to obscure Objective-C class names, selectors, and Swift reflection data.

How It Works

MachObfuscator functions as a binary symbolic obfuscator, directly manipulating Mach-O file structures. It identifies and obfuscates symbol names (like Objective-C class and method names) and other metadata within executables and libraries. The tool analyzes the entire dependency graph of an application bundle, distinguishing between obfuscable files within the bundle and unobfuscable external dependencies. It then applies a chosen "mangler" (e.g., ROT13 or random words) to symbol names and replaces them in the relevant Mach-O sections, including __objc_classname, __objc_methname, and LC_DYLD_INFO_ONLY for export and binding information.

Quick Start & Requirements

• Install/Run: Download the pre-compiled binary from the releases page.
• Prerequisites: macOS.
• Usage: ./MachObfuscator <APP_BUNDLE|FILE> [OPTIONS]
• Integration: Can be integrated into CI/CD pipelines, such as with fastlane, using the provided obfuscate.sh script.
• Documentation: https://github.com/kam800/MachObfuscator

Highlighted Details

• Obfuscates Objective-C class names, selectors, and Swift reflection sections.
• Supports obfuscation of iOS NIBs and Storyboards (macOS NIBs lack binding support).
• Offers options to blacklist specific classes/selectors or erase specific sections.
• Provides two mangling strategies: caesar (ROT13) and realWords (random words).

Maintenance & Community

• Author: @kam800 on Twitter.
• Contribution: Open to ideas and code contributions.

Licensing & Compatibility

• License: MIT License.
• Compatibility: Permissive for commercial use and closed-source linking.

Limitations & Caveats

MachObfuscator does not support binaries with a minimum Deployment Target of 12.X or run on macOS versions with a Deployment Target of 12.X or higher. It also does not support watchOS, tvOS, or Bitcode. Automatic code re-signing is not included; manual re-signing is required. Some features like Swift reflection obfuscation may cause issues with Swift versions >= 4.2.