By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,566 Members | 1,734 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,566 IT Pros & Developers. It's quick & easy.

how can i protect against decompilers

P: n/a
i saw something named obfuscator and its decompiling the source code of my
program which written in c# and my program includes mysql root password
inside of it
is there anyway to protect my program against this decompilers.
Thanks
Nov 16 '05 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Dm.
i has some expirience working with:
9Rays (Spices), RemoteSoft (Salamander) and PreEmptive Solutions
(DotFuscator), Demeanor.

I found that all above obfuscators just do renaming of custom properties,
classes, and method names.
Some provide good strings encryption and even some refactoring.
Here is an hidden problem for commercial applications.

..Net is not translatable to java-like opcodes - its an assembler for virtual
machine, so all the main calls and method names will remain (it helps with
orientation).
For example, if you're using Licensing Class - the only thing you need to do
to brake 'licensed' application is replace 'throw' with 'ret' (in MSIL),
and it will not die on left license; as general licensing logic is:
'validate or die' - this is very breakable.

So the obfuscators are good to complicate code insight, but not enough to
make real protection in most cases.
The way is custom loaders with advanced polymorphic logic, but you will
loose interpretability.

Regards,
Dm.
i saw something named obfuscator and its decompiling the source code of my
program which written in c# and my program includes mysql root password
inside of it
is there anyway to protect my program against this decompilers.
Thanks

Nov 16 '05 #2

P: n/a
"Tolga Tanriverdi" <to***@sylveria.gen.tr> wrote in message
news:Oj**************@TK2MSFTNGP14.phx.gbl...
i saw something named obfuscator and its decompiling the source code of my
program which written in c# and my program includes mysql root password
inside of it
is there anyway to protect my program against this decompilers.


You should not encode secrets into your compiled code. Do you have
individual clients access the database directly? Run the request through a
service layer instead of accessing the database directly.

--
Mickey Williams
Author, "Visual C# .NET Core Ref", MS Press
www.neudesic.com
www.servergeek.com
Nov 16 '05 #3

P: n/a
Dm. <nn****@yahoo.ca> wrote:

<snip>
.Net is not translatable to java-like opcodes - its an assembler for virtual
machine, so all the main calls and method names will remain (it helps with
orientation).


In what way is that not like Java? It's *exactly* like Java - you can
use ildasm instead of javap and you get to see the IL rather than the
byte code, but that's all.

<snip>

--
Jon Skeet - <sk***@pobox.com>
http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
Nov 16 '05 #4

P: n/a
SB
Note that even if you wrote your app in straight C, a string password can be
found pretty easily. Again, don't put passwords in exes unless you are
trying to keep out pre-schoolers.

-sb

"Tolga Tanriverdi" <to***@sylveria.gen.tr> wrote in message
news:Oj**************@TK2MSFTNGP14.phx.gbl...
i saw something named obfuscator and its decompiling the source code of my
program which written in c# and my program includes mysql root password
inside of it
is there anyway to protect my program against this decompilers.
Thanks

Nov 16 '05 #5

This discussion thread is closed

Replies have been disabled for this discussion.