tags:

views:

923

answers:

7
+6  Q: 

Compiling C# to Native?

I think I'm somewhat confused about compiling .NET byte-code to native code, or maybe I'm confused about the end result. So please bear with me as I try to sort through what I think I understand so you can help me figure out what I'm missing.

What I'd like to do is compile my application written in C# down to regular native code like I'd get if I had written it in C. My reasoning has nothing to do with performance, but rather with some degree of protection. I understand that my end-goal is not impossible (or even really that difficult) to circumvent, but I just feel like reversing x86 assembly is more difficult than reversing what Reflector gives me.

Right now if I throw my C# application into Reflector, I basically get my source-code back. Typically when I throw my unmanaged C/C++ applications into IDAPro and use the HexRays decompiler, I don't quite get the same degree of decompilation back and I have to resort to wading through x86 disassembly to understand the logic flow. It's my understanding that such great decompilation comes from Reflector due to the application being in MSIL instead of the more terse native code that HexRays tries to decompile.

I have no concerns about the client machine still needing the .NET runtimes, I'm not trying to circumvent any of that. I would like to run normal software obfuscation programs like upx on my program, and doing it as a .NET binary fails.

It was my understanding from this related question that ngen does what I want. I've tried using ngen. But after copying the output file from the C:\Windows\assemblies\...\applicationName.ni.exe directory to somewhere I can double-click, and trying to run it produces an error about it not being "a valid Win32 application". Further, when I toss the applicationName.ni.exe into Reflector, I get the same output as I did from just the applicationName.exe. Since applicationName.ni.exe is supposed to be native code, I expected Reflector to error out, but it didn't. If this the way I'm supposed to do this, why did Reflector still give me such a great decompilation?

So, just to summarize my main question again: How can I compile my .NET program into a native binary that Reflector won't so easily decompile? Or what's some best practices for protecting a product written in a .NET language from newbie reverse-engineers?

If I need a different tool, I'd prefer something free and not something like Codewall.

Thanks!

UPDATE: I understand that what I'm looking for might limit some of the features of the language like Reflection, but I think I'm fine with that. None of my code does any explicit Assembly.Load calls or anything of the sort. But couldn't those just be replaced with GetProcAddress/LoadLibrary calls anyway?

+9  A: 

If you want to protect your code, an obfuscator is the typical approach. Dotfuscator has been in an arms race with reflector for a while and we use it on our products. In practice, however, a skilled human can easily read obfuscated code.

Compiling to native code defeats the purpose of having a managed language. The main benefit is to allow the target runtime to JIT the IL into something that is optimally palatable for the target CPU. If you want otherwise, you would use something like the ahead-of-time option in mono.

plinth  2009-12-17 13:09:21
Doesn't Dotfuscator just obfuscate variable names so that it's more difficult to read? And I get that I won't be receiving the run-time optimizations, and I'm OK with that. My main purpose in using C# was the ease and beauty of the language's syntax and libraries, the nifty optimizations came second.
mrduclaw  2009-12-17 13:12:59
You say a skilled human 'easily' can read obfuscated code. Is that true, in your experience, also, for commercial obfuscators such as the full Dotfuscator or Codewall?
Tor Haugen  2009-12-17 13:15:53
I consider myself a skilled human. I can read the IL output of the full version dotfuscator. @mrduclaw - the full version of dotfuscator injects IL that makes in unrenderable in a typical HL language and the JIT undoes it (branch-to-branch optimization, etc).
plinth  2009-12-17 14:38:18
+4  A: 

NGEN adds native code, but it does not remove the MSIL. Therefore, any tool operating on the MSIL can still work. You also need this for reflection, something that would be very hard for a true native compiler.

MSalters  2009-12-17 13:10:50
None of my code explicitly uses Reflection, and I'm OK without it. Barring some limitations on the language itself, is this possible?
mrduclaw  2009-12-17 13:14:33
You know it, but the hypothetical C#-to-native compiler can't really assume it.
MSalters  2009-12-18 11:15:29
+2  A: 

That is not possible.

You can acchieve this using ngen.exe. However, you will still have to deploy the original assemblies as features like reflection rely on them.

winSharp93  2009-12-17 13:11:20
+4  A: 

That's not how ngen.exe works. It merely runs the JIT compiler up front to generate the .ni.exe or .ni.dll module. That binary file does not contain metadata, only the machine code generated from the IL for the method bodies. The CLR still must find the original assembly. Only then can it determine that there is an ngen-ed image available so that it can use the machine code from it rather than generate it from the assembly's IL.

Ngen.exe speeds up the warm startup time of your app, that's all.

My usual advice to anybody that might be interested in disassembling my assemblies is to point them to sourceforge.net. It has terabytes of source code, written and maintained by programmers that are usually better than me. Sometimes even with good comments. If your obfuscator doesn't work well then shop around for a better one. There are many.

Hans Passant  2009-12-17 13:21:16
Thank you! That's exactly the explanation I was looking for with regard to what `ngen` is doing. Do you have any suggestions on a good, free, obfuscator?
mrduclaw  2009-12-17 13:25:53
I only know good and free disassemblers. A disassembler has to be free, asking money for it defeats the purpose of using one. Good obfuscators cost money. Visual Studio comes with one, Dotfuscator. I never heard of a company that sells a product based on cracked source code that was protected by Dotfuscator. That suggests it works well.
Hans Passant  2009-12-17 13:37:51
When it comes to obfuscators, you can either have good or free - not both! Consider Crypto Obfuscator - reasonably priced and lots of features and protections and tool support. Download a trial and give it a go to determine if its good for you.
logicnp  2009-12-25 09:12:04
+5  A: 

Xenocode has a product that might fit your needs. We use it for a WPF based installer UI so we don't have to bootstrap .net in order to load the setup program itself.

dkackman  2009-12-17 13:37:09
This looks fantastic, it's just a little more expensive than I'd like since I'm just a lone developer and not doing this for a company.
mrduclaw  2009-12-17 13:40:43
Indeed the price can be a bit prohibitive. It works well though.Not sure if there are any open source or other alternatives out there. Another downside is it results in very large executable but the environment virtualization is pretty slick.
dkackman  2009-12-17 14:56:23
+1  A: 

I might step back and ask why you are looking for this type of protection. I'm not trying to argue that you don't need the protection, but I think it is worth understanding the motivation.

For instance, if you want protection because you have an algorithm in your system where it would be devastating to security if someone reverse-engineered it, then you might need to consider a different approach. It means there is a flaw in the algorithm and no amount of obfuscation or native compiling will help you there.

If is a matter of IP, then I think obfuscation is probably your best approach here. It is kind of like putting a lock on your door. Someone can break the lock and get in, but they are intentionally doing it as opposed to just walking in the door.

Brian Genisio  2009-12-17 13:43:19
Oh no, my algorithms aren't doing anything fancy. It's somewhere in between academic curiosity and IP concerns. I think a decent (but free) obfuscator would probably suit me fine for my IP concerns, but I do have a custom code packer that I've written previously that I would like to use on my .NET applications as well. Any suggestions for an obfuscator?
mrduclaw  2009-12-17 13:49:06
+2  A: 

this is a free obfuscator, which is quiet good: eazfuscator

christoph  2010-09-08 12:01:53

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?