Comment by mschuster91

Comment by mschuster91 8 days ago

0 replies

There's at least one plugin for LLVM to obfuscate strings from binaries [1], and for Android there is DexGuard [2]. The general idea is to make life as difficult as possible for reverse engineers, crackers and whomever else - hardcoded stuff just showing up in "cat .binfile | strings" is about the first thing I do when investigating some random stuff, and there are tools like binwalk that can automatically do stuff like extracting PEM certificates and other easily identifiable content.

Of course they can all be reverse engineered by hand; if you figure out the scheme used you can write yourself an IDA or Ghidra plugin/script to automate the process - which assumes that the method doesn't (subtly) change between different builds of the target. Or you can attempt to intercept memory accesses of the application. But that's tedious, annoying and complex busywork that no one really wants to do.

[1] https://github.com/tsarpaul/llvm-string-obfuscator

[2] https://www.guardsquare.com/dexguard
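
Added example, not part of the comment above and not code from either linked project: a build-time check that looks at an artifact the way `strings` and a PEM scan would, run over a plain and an encoded copy of the same constructed data. The byte blobs, the `example.invalid` URL and the single-byte XOR are assumptions standing in for a real binary and for whatever scheme an obfuscator applies.

```python
import re

# Constructed sample data: a stand-in for a compiled binary, not a real artifact.
SECRET = b"https://license.example.invalid/v1/check"
PEM = b"-----BEGIN CERTIFICATE-----\nTUlJQ29uc3RydWN0ZWQ=\n-----END CERTIFICATE-----\n"
PADDING = bytes([0x00, 0x7F, 0x90, 0x01]) * 8  # non-printable filler

PEM_BLOCK = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----.*?-----END \1-----", re.DOTALL)


def xor_encode(data, key=0xA5):
    """Assumed stand-in obfuscation: single-byte XOR (its own inverse)."""
    return bytes(b ^ key for b in data)


PLAIN_BUILD = PADDING + SECRET + b"\x00" + PEM + PADDING
OBFUSCATED_BUILD = PADDING + xor_encode(SECRET) + b"\x00" + xor_encode(PEM) + PADDING


def printable_strings(blob, min_len=4):
    """Runs of printable ASCII, the heuristic `strings` applies by default."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group().decode("ascii") for m in pattern.finditer(blob)]


def pem_labels(blob):
    """Labels of complete PEM blocks (BEGIN/END pairs) embedded in the blob."""
    return [m.group(1).decode("ascii") for m in PEM_BLOCK.finditer(blob)]


def audit(blob, watchlist):
    """Report watchlist values and PEM blocks readable without any decoding."""
    found = printable_strings(blob)
    return {
        "leaked": [w for w in watchlist if any(w in s for s in found)],
        "pem": pem_labels(blob),
    }


if __name__ == "__main__":
    watch = [SECRET.decode("ascii")]
    print("plain:     ", audit(PLAIN_BUILD, watch))
    print("obfuscated:", audit(OBFUSCATED_BUILD, watch))
```

The encoded build passes this scan only because the bytes are no longer printable; applying `xor_encode` again returns the original, so the check measures visibility to trivial tooling, not secrecy.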