By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,573 Members | 1,797 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,573 IT Pros & Developers. It's quick & easy.

Preventing decompilation of assembly

P: n/a
Nak
Hi there,

I have just read an article that explains how to prevent people from
decompiling your assemblies with ILDASM. Apparently this can be achieved by
writing something like,

ILDASM /owner=Me MyAssembly.exe

Now when I attempt this I get "INVALID COMMAND LINE OPTION" and a list
of commands is displayed on the screen but owner is not one of them. Does
that mean that this is only valid for VS 2003? or am I missing something
pretty straight forward?

Also the article doesn't explain whether or not other decompilers can be
used successfuly, I presume that they can, would I be right in saying that?
Thanks for your help in advance.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #1
Share this Question
Share on Google+
11 Replies


P: n/a
Nak
Ah, ignore all of that I found out what was wrong. But I do have another
question regarding this, is it possible to provide your own custom command
line attributes to be used by the compiler? So basically, would it be
possible for me to set VB.NET to provide the Owner string upon compilation
within the IDE? I would be more difficult for me to do it manually as my
Assembly is strong named, as well as having embedded licenses. Thanks
again.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #2

P: n/a
Hi Nak!!

No. You cannot explicitally set VB.NET compiler command-line arguments.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

" System.Reflection Master "

==== Converting to 2002 ====
Remove inline declarations
"Nak" <a@a.com> wrote in message
news:eW**************@TK2MSFTNGP10.phx.gbl...
Ah, ignore all of that I found out what was wrong. But I do have another
question regarding this, is it possible to provide your own custom command
line attributes to be used by the compiler? So basically, would it be
possible for me to set VB.NET to provide the Owner string upon compilation
within the IDE? I would be more difficult for me to do it manually as my
Assembly is strong named, as well as having embedded licenses. Thanks
again.

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #3

P: n/a
Nak
Hi Tom,
No. You cannot explicitally set VB.NET compiler command-line arguments.


Bugger!

I was looking into digital signing, I like the idea of programs having my
signature, so to speak, but it looks like another rip-off attempt affiliated
with Microsoft to gain revenue. Just like their Windows logo scheme, what a
load of toot, I was interested until it said I needed a verisign account
that costs an arm and a leg. Pah, oh well, I would like to know *every*
method possible for protecting Assemblies that's built into the .NET
framework but don't know where to look for this info, it took me a while
until I found out about strong naming, even after swearing and cursing about
the lack of code security and protection methods in this newsgroup. Oh
well, I'll say "Bugger!" again, just for luck :-)

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #4

P: n/a
Hi Nick,

Yup. VeriSign does cost a lot doesn't it!! I wanted my own digital
certificate, so I could prove my identity over email, and digitally sign
applications.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

" System.Reflection Master "

==== Converting to 2002 ====
Remove inline declarations
"Nak" <a@a.com> wrote in message
news:#n**************@tk2msftngp13.phx.gbl...
Hi Tom,
No. You cannot explicitally set VB.NET compiler command-line arguments.
Bugger!

I was looking into digital signing, I like the idea of programs having my
signature, so to speak, but it looks like another rip-off attempt

affiliated with Microsoft to gain revenue. Just like their Windows logo scheme, what a load of toot, I was interested until it said I needed a verisign account
that costs an arm and a leg. Pah, oh well, I would like to know *every*
method possible for protecting Assemblies that's built into the .NET
framework but don't know where to look for this info, it took me a while
until I found out about strong naming, even after swearing and cursing about the lack of code security and protection methods in this newsgroup. Oh
well, I'll say "Bugger!" again, just for luck :-)

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #5

P: n/a
Nak
Hi Tom,
Yup. VeriSign does cost a lot doesn't it!! I wanted my own digital
certificate, so I could prove my identity over email, and digitally sign
applications.


Any idea how one would go about making their own root certificate? I mean
if I were to set up a web site for professionals of VB.NET for example and
give people digital certificates providing they give contact details and the
like, just as verisign do, but give it for free, what makes verisign so
special? Not all NVIDIA display drivers are certificated!!! Hmmm.....

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #6

P: n/a
Nak
Come to think of it, hardly any applications are digitally signed. I only
wanted to do it so that I could *tell* if an application had been decompiled
and recompiled again, as it wouldn't have a certificate (or my certificate),
maybe I should go ahead and put an "untrusted" one on it just for the sake
of it!! why not? Who are they to tell me my certificate can't be trusted,
just because I haven't given them any money?? Haha

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #7

P: n/a
Hi Nick,

You need Windows 2000 Advanced Server, it comes with a Certificate
Authority.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

" System.Reflection Master "

==== Converting to 2002 ====
Remove inline declarations
"Nak" <a@a.com> wrote in message
news:#i**************@TK2MSFTNGP10.phx.gbl...
Come to think of it, hardly any applications are digitally signed. I only
wanted to do it so that I could *tell* if an application had been decompiled and recompiled again, as it wouldn't have a certificate (or my certificate), maybe I should go ahead and put an "untrusted" one on it just for the sake
of it!! why not? Who are they to tell me my certificate can't be trusted,
just because I haven't given them any money?? Haha

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #8

P: n/a
Nak
Hi Tom,
You need Windows 2000 Advanced Server, it comes with a Certificate
Authority.


Not a "biggy" then? Sounds pretty cool to me, and why Windows 2000 Advanced
Server? What is a "Certificate Authority", I presume it is just something
that authorises a certificate? so is it a web based service that people
connect to when wanting to verify the certificate? It looks like people
have thought of this before,
--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #9

P: n/a
Nak
.... It looks like people have thought of this before,

http://www.cacert.org/

^ I mean't to send this too!

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #10

P: n/a
Hi Nick,

2000 Advanced server, nice operating system. It is also programmed slightly
differently to the Professional and Standard Server edition of 2000.

The authority dishes out the certificates to people, it's not like a
web-based thing, but you provide the public key for your authority and
people trust that key, then any certificates that come from that authority
are trusted.

--
HTH,
-- Tom Spink, Über Geek

Please respond to the newsgroup,
so all can benefit

" System.Reflection Master "

==== Converting to 2002 ====
Remove inline declarations
"Nak" <a@a.com> wrote in message
news:#T**************@tk2msftngp13.phx.gbl...
Hi Tom,
You need Windows 2000 Advanced Server, it comes with a Certificate
Authority.
Not a "biggy" then? Sounds pretty cool to me, and why Windows 2000

Advanced Server? What is a "Certificate Authority", I presume it is just something
that authorises a certificate? so is it a web based service that people
connect to when wanting to verify the certificate? It looks like people
have thought of this before,
--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ "No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Nov 20 '05 #11

P: n/a
Nak
Hi Tom
2000 Advanced server, nice operating system. It is also programmed slightly differently to the Professional and Standard Server edition of 2000.

The authority dishes out the certificates to people, it's not like a
web-based thing, but you provide the public key for your authority and
people trust that key, then any certificates that come from that authority
are trusted.


So basically all an authority does is sign your certificate with their
signature so that it contains a trusted root certificate? It still seems
like a rip off to me, hardly any applications use digital signatures, no one
checks digital signatures, it might be useful for web based means but other
than that it seems pretty pointless, but it would be nice to see if an
application of *mine* contains *my* signature, I don't see why it should
have to be trusted? isn't a non trusted signature better than no signature
at all? It doesn't really make much sense. Any ideas on if there are other
ways of implementing digital signatures without it having to be trusted?
that is if it has to be trusted at all, does Windows stop an application
with a non-trusted signature from running? Does it tell the user that it
could potentially be a virus? It doesn't seem to and wouldn't make sense if
it did, maybe a digital signature is *only* meant for web based means?

Nick.

--
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
"No matter. Whatever the outcome, you are changed."

Fergus - September 5th 2003
/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
Nov 20 '05 #12

This discussion thread is closed

Replies have been disabled for this discussion.