Government Security
Network Security Resources

Jump to content

Photo

Vb Dot Net Code Obfustication?


  • Please log in to reply
5 replies to this topic

#1 cross

cross

    Corporal

  • Members
  • 157 posts

Posted 30 March 2005 - 06:33 PM

ok so for those of you out there that are developers in dot net you are well aware of the problems your Dot Net compiled code creates.

the problem being very easy decompilation of the application (from memory) into original compilable source code.

this is a problem for a number of reasons.

My question is this.

is there a way to prevent this.

encryption will not work, that just secures the EXE itsself but as soon as it is loaded into memory it is no longer encrypted. but that works the same for any application.

i have been reading about obfustication, but i am not going to rewrite all my code into some very obscure manner.

i was considering writing something to do this for me, but that is something that i would rather not focus on.

i do understand that all apps are not safe from decompiling. but there is a few methods out there to make that proscess a little harder. and there has to be something out there for dot net apps.

so if anyone knows anything. please respond here or VIA PM

thank you
Google the Ron Paul Revolution

#2 Zimmergren

Zimmergren

    Staff Sergeant

  • Sergeant Major
  • 487 posts

Posted 31 March 2005 - 12:15 AM

Heh, you don't need to rewrite your code.
There's tools that will obfuscate your code for you, making it "indecryptable", or atleast somewhat indecryptable, depending on what obfuscator you use. A start is to use the tool that comes with the VS.NET Suite.. There's a bunch of really good obfuscators around aswell.. I'm not using one myself at the moment, since I don't make any critical applications. However it would be a great idea to start using it asap.. If you need links etc (if you can't find on google) let me know and I'll give you some.
http://www.zimmergren.net

Formerly known as t0bban.

#3 setthesun

setthesun

    Sergeant First Class

  • Sergeant Major
  • 574 posts

Posted 24 April 2005 - 03:06 AM

Try Dotfuscator,

Community edition also ships with VS.NET 2003

setthesun me = new setthesun();

#4 andyp

andyp

    Private

  • Members
  • 1 posts

Posted 05 August 2005 - 09:49 AM

what program decompiles it?

#5 Zimmergren

Zimmergren

    Staff Sergeant

  • Sergeant Major
  • 487 posts

Posted 08 August 2005 - 10:59 AM

Honestly, I don't know without lookiing it up.
I've only heard people talking about bad obfuscators which doesn't protect the code enough etc.

I'll have a lookaround.
http://www.zimmergren.net

Formerly known as t0bban.

#6 setthesun

setthesun

    Sergeant First Class

  • Sergeant Major
  • 574 posts

Posted 10 August 2005 - 12:58 AM

reflector can decompile and ildasm.

Obfuscation just creates spagetthi code, some protection and more but not a good solution. It's good idea to implement c++ DLL libraries into the project for security and setting up a good system but as all we know there is no security in client side :)

If you give an .exe to the client it's over, you loose the game.

But as I told before dotfuscator and some other obfuscators are can protect your code from RCE beginners.

setthesun me = new setthesun();




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users