How does Dotfuscator work? [c#]

views:

1269

answers:

+5 Q:

How does Dotfuscator work? [c#]

How does Dotfuscator work? I tried obfuscate some of my classes and it renamed the methods/class to a, b, c etc. But I can still see the code inside those methods? Is it that, I am doing something wrong?

Is there anything that would prevent a totally block deassembling my assembly?

+5 A:

That is the way it is supposed to work. Your code is still accessible, just more difficult to understand. If you want something "stronger", take a look at Xenocode PostBuild.

Jon Tackabury 2009-08-17 13:51:05

This definately works better than the Dotfuscator. Thanks.

Bhaskar 2009-08-17 15:16:05

Make sure you understand the differences between plain obfuscation and some of the options that PostBuild has (like the native binary support). You lose a lot of the flexibility of the .NET framework with native binaries.

Jon Tackabury 2009-08-17 15:21:51

Would Xenocode affect the speed/size of the program?Does it compile the application to 100 % native binary, aka almost impossible to decompile?

Phoexo 2009-08-17 17:40:02

It will affect the speed/size of the program. From the PostBuild site: "Native executable generation: PostBuild allows for the creation of a native x86 executable allowing your application to run, with or without a .NET Framework installed." You would end up with something that would be indistinguishable from an application written with unmanaged C++. However, you lose all the portability advantages of using the .NET Framework.

Jon Tackabury 2009-08-17 18:05:44

lose portability.. who really cares about that? You just recompile for the new platform, just like we used to do.

gbjbaanb 2009-08-17 23:26:32

Does Xenocode in fact compile application to native code? I thought it encrypts program with all dependencies and packs it into .exe file. During program execution, it extracts and executes the same .NET assemblies. Am I wrong here?

ima 2009-08-18 12:17:38

(It doesn't need framework installed, because all relevant framework binaries are also packed into .exe)

ima 2009-08-18 12:18:44

+1 A:

Dotfuscator simply makes the decompiled source harder to read - it doesn't prevent decompilation itself.

Andrew Hare 2009-08-17 13:51:25

+5 A:

you can't block a de-assembling in .net

Fredou 2009-08-17 13:51:37

-1: You can block de-assembling, take a look at my answer. Using Xenocode PostBuild you can compile your .NET application into a native binary.

Jon Tackabury 2009-08-17 14:59:08

@Jon, then it's not .net anymore, the point is with 100% .net exe, you cannot block it

Fredou 2009-08-17 15:03:10

The OP says "Is there anything that would prevent a totally block deassembling my assembly?" and the answer is yes, there is.

Jon Tackabury 2009-08-17 15:16:10

Jon, with Xonocode, arguably it's no longer an assembly as such..

Tor Haugen 2009-08-18 07:32:00

if you have Professional or Gold Dotfuscator you can block Reflector program from opening your assebmlies.

Wael Dalloul 2009-08-17 13:58:42

If that is done you can use ILDASM to disassemble the code, then remove the "don't show my code" attribute, then ILASM it back. Reflector will let you see it now. :)

David 2009-08-17 23:28:56

+1 A:

Unfortunately, there is no way to prevent somebody reflecting your assembly and dissasembling it down to your source code. Obfuscation tools like Dotfuscator will make it significantly harder for somebody to actually read the disassembled code, where virtually all human-readable names can be replaced by meaningless symbols.

If you are releasing your code anywhere, if somebody is determined enough they will be able to reverse-engineer it. The best you can do is make it not worth their time to do so.

Programming Hero 2009-08-17 13:59:27

+1 A:

The version that comes with Visual Studio is limited and I wouldn't rely on it for full-scale obfuscation if you need to deploy something to customer sites. A free one that you might want to look at is Eazfuscator.net.

Mike Knowles 2009-08-17 14:18:49

+9 A:

Code obfuscation goes well beyond simple renaming of classes, members and variables, though that's an important part of it.

For example, Dotfuscator uses a patented technique called overload induction, where many methods are renamed to the same name (this is possible as long as they have different signatures). PreEmptive solutions cite cases where a third of all methods in the code are renamed to a(). Other techniques involve rewriting simple iterations as recursion, as well as code morphing.

Actually, modern obfuscation techniques are perfectly adequate for making code virtually impossible to reverse-engineer, at least by hand. While it is true that .NET assemblies can never be RE-safe in principle, obfuscation can provide a pretty formidable barrier.

For most of us, that's enough.

Tor Haugen 2009-08-17 14:24:38

Thanks...great info.

Bhaskar 2009-08-17 15:17:10

+1 A:

Just symbol renaming wont suffice if you want powerful protection. Consider Crypto Obfuscator which also supports control flow obfuscation which prevents your method source from being viewed in Reflector, resource protection which is great for XAML/BAML resources of WPF/Silverlight projects, string enncryption, anti-reflector, anti-debug, etc, etc.

logicnp 2009-11-20 09:14:48

this is good....how do they do it. Wont the assembly get decrypted in the memory, when the CLR loads it.

Bhaskar 2009-11-20 09:27:19

Yes, since it must be used in original form, it has to be decrypted eventually, but all these layers of protection form a major obstruction to reverse-engineering.

logicnp 2009-11-20 09:37:15

ansaurus

tags:

views:

answers:

How does Dotfuscator work? [c#]

related questions