473,387 Members | 1,486 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > c# / c sharp > questions > avoid easy decompiling

Join Bytes to post your question to a community of 473,387 software developers and data experts.

avoid easy decompiling

Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in
..NET platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?

thanks a lot,
Al.
Dec 26 '06 #1
5 3334
Hi Al,

You can obfuscate your code, but I wouldn't recommend it for most real-world
applications or even third-party components since even the best obfuscation
can still be reverse engineered.

C# Programming Tools
§ Obfuscators
http://msdn2.microsoft.com/en-us/vcs...px#obfuscators

Here's some information about why obfuscation may or may not be a good
choice for your program:

Security through obscurity
http://en.wikipedia.org/wiki/Security_through_obscurity

--
Dave Sexton
http://davesexton.com/blog

"--== Alain ==--" <no****@noemail.comwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in .NET
platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET reflector
to decompile your code or at least to avoid people to see clearly the code
of you DLL or EXE ?

thanks a lot,
Al.

Dec 26 '06 #2

"--== Alain ==--" <no****@noemail.comwrote in message
news:%2****************@TK2MSFTNGP03.phx.gbl...
Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in .NET
platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET reflector
to decompile your code or at least to avoid people to see clearly the code
of you DLL or EXE ?
The only real way to protect your code is to use a web service so your
customers never get their hands on it. You can also deploy embedded devices
if network access isn't guaranteed. Any time you allow the user to run your
code on their system, they can inspect it.
>
thanks a lot,
Al.

Dec 26 '06 #3
Hi Peter,
There is a second class of obfuscators that are really "recompilers" and
these actually change your .NET assemblies into true machine code (like
C++).
Even that isn't impossible to reverse engineer. Remotesoft offers one, and
there may be others.
Peter
I'm curious to know if they actually add any extra protection or if they're
just the same as creating a native image using NGEN after using, for
example, Dotfuscator. Don't they still have to include the metadata for the
CLR, which defeats the purpose of using machine language to add protection?

--
Dave Sexton
http://davesexton.com/blog

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comwrote in
message news:FF**********************************@microsof t.com...
As Dave mentioned, obfuscating the code is a step in that direction,
although
personal experience tells me that any determined individual can work
around
obfuscated code if they know what they are doing.

There is a second class of obfuscators that are really "recompilers" and
these actually change your .NET assemblies into true machine code (like
C++).
Even that isn't impossible to reverse engineer. Remotesoft offers one, and
there may be others.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"--== Alain ==--" wrote:
>Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in
..NET platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?

thanks a lot,
Al.

Dec 27 '06 #4
--== Alain ==-- <no****@noemail.comwrote:
Using the .NET reflector tool, i know that a DLL or EXE developed in
.NET platform can be decompiled and therefore code is available for all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?
See http://www.pobox.com/~skeet/csharp/obfuscation.html

--
Jon Skeet - <sk***@pobox.com>
http://www.pobox.com/~skeet Blog: http://www.msmvps.com/jon.skeet
If replying to the group, please do not mail me too
Dec 27 '06 #5
Hi Peter,

Thanks for the link :)

Very scary stuff. The .NET Framework isn't even required on a machine that
will run the "linked" program since the dependant FCLs are actually
rewritten into the program and obfuscated themselves. No mention of
metadata though so I wonder how reflection would actually work and since the
framework isn't required I wonder if CAS even works at all.

I can see that being useful if I needed to hide, say, the recipe for a nuke
in my program's code. Other than that I think it makes more sense to move
forward in application development and reap the benefits of writing managed
code such as platform independence and JIT compilation.

--
Dave Sexton
http://davesexton.com/blog

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comwrote in
message news:60**********************************@microsof t.com...
Dave,
http://www.remotesoft.com/linker/
The "horse's mouth"
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"Dave Sexton" wrote:
>Hi Peter,
There is a second class of obfuscators that are really "recompilers"
and
these actually change your .NET assemblies into true machine code (like
C++).
Even that isn't impossible to reverse engineer. Remotesoft offers one,
and
there may be others.
Peter

I'm curious to know if they actually add any extra protection or if
they're
just the same as creating a native image using NGEN after using, for
example, Dotfuscator. Don't they still have to include the metadata for
the
CLR, which defeats the purpose of using machine language to add
protection?

--
Dave Sexton
http://davesexton.com/blog

"Peter Bromberg [C# MVP]" <pb*******@yahoo.yabbadabbadoo.comwrote in
message news:FF**********************************@microsof t.com...
As Dave mentioned, obfuscating the code is a step in that direction,
although
personal experience tells me that any determined individual can work
around
obfuscated code if they know what they are doing.

There is a second class of obfuscators that are really "recompilers"
and
these actually change your .NET assemblies into true machine code (like
C++).
Even that isn't impossible to reverse engineer. Remotesoft offers one,
and
there may be others.
Peter

--
Site: http://www.eggheadcafe.com
UnBlog: http://petesbloggerama.blogspot.com
Short urls & more: http://ittyurl.net


"--== Alain ==--" wrote:

Hi,

Using the .NET reflector tool, i know that a DLL or EXE developed in
..NET platform can be decompiled and therefore code is available for
all.

I would like to know if exist a way how to avoid tools like .NET
reflector to decompile your code or at least to avoid people to see
clearly the code of you DLL or EXE ?

thanks a lot,
Al.



Dec 27 '06 #6
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
How to avoid exposing connectstring?
by: James Henson | last post by:
I'm using a MySQL database from within some Perl and PHP cgi's. To make the connection, I have to supply the username/password in the connection string. This info is readable for anyone that can...
PHP
30
Always avoid "new"
by: seesaw | last post by:
Is it right thing to always avoid using "new" to create objects? What if after starting the application, then decide which and how many objects to create? (Seems like under such situation is there...
C / C++
11
The joy of decompiling...
by: Deano | last post by:
Just wondering if there is a tool or method that will allow me to compare the state of my database before and after I decompile it. The last time I decompiled a few fields lost default values and...
Microsoft Access / VBA
18
Decompiling C#?!?!? Where is the privacy?
by: Diogo Alves - Software Developer | last post by:
I found a few days ago that was possible to decompile any program developed in C# That is a huge failure.... It's not aceptable that a company that pays a lot for visual studio and pays to the...
C# / C Sharp
6
Decompiling an A97 mdb file...
by: MLH | last post by:
Can decompiling an A97 mdb result in fixing minor nasties that may be responsible for some premature terminations of A97 (We are sorry. MS Access 97 needs to close.... messages). I've found the...
Microsoft Access / VBA
11
How to avoid the use of copy constructor when using STL container function (push_back, etc.)
by: PengYu.UT | last post by:
The following program calls the normal constructor and the copy constructor. By calling the copy constuctor is redundandant, all I want is only a vector of a trial object. Is there any way to...
C / C++
3
avoid buffer overflow using sprintf?
by: Susan Rice | last post by:
How can I rewrite this code to avoid the possibility of a buffer overflow? sprintf(errbuf, "%s\nError is: %u: %s\n", errmsg, dwErrCode, s ); Here: errmsg = a string dwErrCode = a number s =...
C / C++
8
Prevent decompiling of the code
by: Torben Laursen | last post by:
Hi I need to be sure that my C# code is as hard as possible to decompile. Can anyone tell what is the best tool for that job? Also will this be a part of Visual Studio 2008? It seems...
C# / C Sharp
11
Niheel
10 Tips to Avoid Information Overload at Work
by: Niheel | last post by:
http://bytes.com/images/howtos/information_overloaded.jpgPaul Graham wrote an interesting article a few months back about how the internet is leading to information overload for information workers...
Career Advice
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!