Writing an exe 'shrink wrapper' for .Net

Gary Bond wrote:

Hi All,

Can anybody point me to some 'how-to' documentation, tutorials, etc as to
how to write a shrink/protect wrapper for .Net exes/dlls, (like the
Shrinkwrap product for instance).

I have got a couple of products nearly ready for sale, and have already come
up with some routines to protect them, (in the style of the old TurboPower
OnGuard), but really wanted to shrink and protect the exe's, so as to make
reverse engineering a bit more difficult.

I am having some trouble getting started. I have searched the net for links
and help, but have come up blank. Any pointers on how to get going would be
really appreciated.

Thanks
Gary.

Of course you won't find something like that easily by searching on
google. You need very in depth knowledge in win32asm, the Win32 API,
experience with compression algos (LZW or derivatives and such), and a
load of experience in very complex anti-debugging tricks (otherwise the
whole thing will be mostly pointless). Then again, I don't know how to
support MSIL either, and you might still want to do obfuscation. It's
not the kind of knowledge you'll pick up in a weekend or by reading a
book, it would take you years to master all this, so your best bet is to
find a decently priced commercial offering (or just obfuscating and
using a really good protection scheme in your apps).

Hi Gary,
Welcome to MSDN Newsgroup!

Thanks for John's reply. In addition to his comment, you also could refer
to the following article,
Title: The Increasing Need to Protect your Applications from Hackers and
Competitors
URL: http://www.codeproject.com/showcase/Dotfuscator.asp

I hope the above information is helpful for you. Thanks and have a nice day!

Best Regards,

Terry Fei [MSFT]
Microsoft Community Support
Get Secure! www.microsoft.com/security
--------------------

Thread-Topic: Writing an exe 'shrink wrapper' for .Net
thread-index: AcYdnalrgu2J2mHiTUOrdFBxTO3sxA==
X-WBNR-Posting-Host: 193.119.59.36
From: =?Utf-8?B?R2FyeSBCb25k?= <Ga***@community.nospam>
Subject: Writing an exe 'shrink wrapper' for .Net
Date: Fri, 20 Jan 2006 00:44:01 -0800
Lines: 17
Message-ID: <8F**********************************@microsoft.co m>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.general
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGXA03.phx.gbl
Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:186697
X-Tomcat-NG: microsoft.public.dotnet.general

Hi All,

Can anybody point me to some 'how-to' documentation, tutorials, etc as to
how to write a shrink/protect wrapper for .Net exes/dlls, (like the
Shrinkwrap product for instance).

I have got a couple of products nearly ready for sale, and have already comeup with some routines to protect them, (in the style of the old TurboPower
OnGuard), but really wanted to shrink and protect the exe's, so as to make
reverse engineering a bit more difficult.

I am having some trouble getting started. I have searched the net for linksand help, but have come up blank. Any pointers on how to get going would bereally appreciated.

Thanks
Gary.

Hi Both,

Thanks for the comments, and thanks for the link Terry - I will have a look
later this afternoon. (I think obfuscation is a must in any event)

Yep, I always knew this was going to be a hard one. I kinda thought that
compressing all or part of the code in question, then at runtime
decompressing the code in memory and using the ability of c# to run code from
memory might be the way to go. That way the uncompressed code only ever
exists in memory and yet is 'runnable'.

You could control the decompression of the code from compressed to
uncompressed form via your wrapper program so providing some level of
security.

What do you think? I know the effort to do this may not be commercially
viable, but its an interesting question anyway.

Anyhow, thanks both the comments,
regards,
Gary

""TerryFei"" wrote:

Hi Gary,
Welcome to MSDN Newsgroup!

Thanks for John's reply. In addition to his comment, you also could refer
to the following article,
Title: The Increasing Need to Protect your Applications from Hackers and
Competitors
URL: http://www.codeproject.com/showcase/Dotfuscator.asp

I hope the above information is helpful for you. Thanks and have a nice day!

Best Regards,

Terry Fei [MSFT]
Microsoft Community Support
Get Secure! www.microsoft.com/security
--------------------

Thread-Topic: Writing an exe 'shrink wrapper' for .Net
thread-index: AcYdnalrgu2J2mHiTUOrdFBxTO3sxA==
X-WBNR-Posting-Host: 193.119.59.36
From: =?Utf-8?B?R2FyeSBCb25k?= <Ga***@community.nospam>
Subject: Writing an exe 'shrink wrapper' for .Net
Date: Fri, 20 Jan 2006 00:44:01 -0800
Lines: 17
Message-ID: <8F**********************************@microsoft.co m>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.general
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGXA03.phx.gbl
Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:186697
X-Tomcat-NG: microsoft.public.dotnet.general

Hi All,

Can anybody point me to some 'how-to' documentation, tutorials, etc as to
how to write a shrink/protect wrapper for .Net exes/dlls, (like the
Shrinkwrap product for instance).

I have got a couple of products nearly ready for sale, and have already

come

up with some routines to protect them, (in the style of the old TurboPower
OnGuard), but really wanted to shrink and protect the exe's, so as to make
reverse engineering a bit more difficult.

I am having some trouble getting started. I have searched the net for

links

and help, but have come up blank. Any pointers on how to get going would

be

really appreciated.

Thanks
Gary.

Hi Gary,
Thanks for your response. :)

Yes, this is a very interesting question. If I get any information about it
later, I'll share with you. Thanks for your understanding!

Best Regards,

Terry Fei [MSFT]
Microsoft Community Support
Get Secure! www.microsoft.com/security

--------------------

Thread-Topic: Writing an exe 'shrink wrapper' for .Net
thread-index: AcYf/lRwcnJpPJXaSyCPRmi97of2fg==
X-WBNR-Posting-Host: 193.119.59.36
From: =?Utf-8?B?R2FyeSBCb25k?= <Ga***@community.nospam>
References: <8F**********************************@microsoft.co m> <rs**************@TK2MSFTNGXA02.phx.gbl>Subject: RE: Writing an exe 'shrink wrapper' for .Net
Date: Mon, 23 Jan 2006 01:21:02 -0800
Lines: 89
Message-ID: <A8**********************************@microsoft.co m>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.general
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGXA03.phx.gbl
Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:186898
X-Tomcat-NG: microsoft.public.dotnet.general

Hi Both,

Thanks for the comments, and thanks for the link Terry - I will have a looklater this afternoon. (I think obfuscation is a must in any event)

Yep, I always knew this was going to be a hard one. I kinda thought that
compressing all or part of the code in question, then at runtime
decompressing the code in memory and using the ability of c# to run code frommemory might be the way to go. That way the uncompressed code only ever
exists in memory and yet is 'runnable'.

You could control the decompression of the code from compressed to
uncompressed form via your wrapper program so providing some level of
security.

What do you think? I know the effort to do this may not be commercially
viable, but its an interesting question anyway.

Anyhow, thanks both the comments,
regards,
Gary

""TerryFei"" wrote:

Hi Gary,
Welcome to MSDN Newsgroup!

Thanks for John's reply. In addition to his comment, you also could refer to the following article,
Title: The Increasing Need to Protect your Applications from Hackers and
Competitors
URL: http://www.codeproject.com/showcase/Dotfuscator.asp

I hope the above information is helpful for you. Thanks and have a nice day!
Best Regards,

Terry Fei [MSFT]
Microsoft Community Support
Get Secure! www.microsoft.com/security
--------------------

>Thread-Topic: Writing an exe 'shrink wrapper' for .Net
>thread-index: AcYdnalrgu2J2mHiTUOrdFBxTO3sxA==
>X-WBNR-Posting-Host: 193.119.59.36
>From: =?Utf-8?B?R2FyeSBCb25k?= <Ga***@community.nospam>
>Subject: Writing an exe 'shrink wrapper' for .Net
>Date: Fri, 20 Jan 2006 00:44:01 -0800
>Lines: 17
>Message-ID: <8F**********************************@microsoft.co m>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.dotnet.general
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFT NGXA03.phx.gbl
>Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.dotnet.general:186697
>X-Tomcat-NG: microsoft.public.dotnet.general
>
>Hi All,
>
>Can anybody point me to some 'how-to' documentation, tutorials, etc as to >how to write a shrink/protect wrapper for .Net exes/dlls, (like the
>Shrinkwrap product for instance).
>
>I have got a couple of products nearly ready for sale, and have already

come

>up with some routines to protect them, (in the style of the old TurboPower >OnGuard), but really wanted to shrink and protect the exe's, so as to make >reverse engineering a bit more difficult.
>
>I am having some trouble getting started. I have searched the net for

links

>and help, but have come up blank. Any pointers on how to get going

would be

>really appreciated.
>
>Thanks
>Gary.
>