Simple MQL4 Code obfuscation technique

[Aziz Azizov]

Simple MQL4 Code obfuscation technique

Please read about obfuscation first here: https://en.wikipedia.org/wiki/Obfuscated_code

Now I'm going to give an idea of some MQL4 Code obfuscation technique..

There was some time ago a site which was selling MQL4 obfuscator. It had a video showing that process live. So I noticed one of the methods they used to obfuscate or mangle source code - they used MQL4's SWITCH operator to build extremely complex and messy code. Here it is, simple example:

Normal MQL4 code:
=======================

int a=2,
    b=1;

if(a>b) Alert ("Hello!");

=======================
Obfuscated one:
=======================

extern int logicPathKey=100028;//key to enter the right entry point
int logicPathVar=0;

int a=2,
    b=1; 



int Start(); {
 




switch(logicPathVar);
{
case 0: break; 
case 1: break; 
//----------------
case 19:
logicPathVar=50; break; 
case 50:
Print("You will not understand my logic! :) "); logicPathVar=78;  break; 
//----------------
case 78:
logicPathVar=1008; break; 
//-------------------
case 1008:
if(a>b) Alert ("Hello!"); logicPathVar=0; break; 
//------------------
case 100028:
logicPathVar=50; break; //the logic entry point
//---------------
//case N: 
}
return(0);
}

=======================

And so on.. Variable logicPathVar specifies the whole logic path, while the logicPathKey specifies some secret code to get into entry point (100028). That's it. As you see, it is not really encoding, it's rather encoding the logic itself. :)
All this obfuscation is to be done automatically with code sequence randomization.
See you all, hope that helps.

Conclusion

Summarizing all the above, we can hide our logic from at least 50% of crackers. :)

[Simon Gniadkowski]

Trader108:

Conclusion

Summarizing all the above, we can hide our logic from at least 50% of crackers. :)

Why do I need to ?

[Aziz Azizov]

To sell your logic for 1000000 $$$$$ to have a decent deposit to trade with :))) . Joke.) God knows..))

[NasdaqDude 24]

I've created some commercial EAs for some of the top FX guys in my country with licensing and everything. 1 year later my bots are now posted online and "free" to download with no security whatsoever (crazy) so I definetely need to obfuscate my code 

[Fernando Carreiro]

NasdaqDude 24 #: I've created some commercial EAs for some of the top FX guys in my country with licensing and everything. 1 year later my bots are now posted online and "free" to download with no security whatsoever (crazy) so I definetely need to obfuscate my code 

Obfuscation is not going to prevent that. The techniques being use to crack the EAs work at the machine code level of the compiled code. It does not use decompilation. Obfuscation will not have any affect on those techniques.

[Dominik Egert]

I suggest, as a solution to continuous license check, use a type of signature on the OHLC Datastream, hidden within. This way you step around any hardware or low level workarounds.

I won't go into details, as you will need to figure out your own solution to this.

Anyways, the main idea is to sign the data the EA is processing. And making the EA check the signature on the fed data.

And now you could do whatever you want, if the signature is not present. (Like destroy the account, or stop working)

It will take quite some effort to create such checking and it will introduce additional workload to the EA, but as far as I can think of a solution, that is my approach.