tags:

views:

262

answers:

2
+2  Q: 

c# source obfuscation techniques

Hey all, I'm looking for ways to obfuscate the following c#/silverlight source code:

    if (searchBox.Text.Equals("string literal")){
        MessageBox.Show("another string literal");
    }

So far all I can come up with to hide it is encoding the strings as arrays of ascii...

Thanks

EDIT All I want is for the source code to be undreadable, this is for an easter egg. Security is not a priority for me. Thanks.

EDIT 2 I don't want the presence of an easter egg to be known. I'm trying to obfuscate the program flow so it doesn't appear like there is a line of code like

if (specialcase)
    doEasterEgg();

I've seen stuff on like the obfuscated c contest where hello world turns into globbidy gook. Anyhing similar that people know of for c#?

+2  A: 

What exactly do you want to protect against?

  • The transmission of the text value of the control to your server? In that case, any "obfuscation" by any non-encryption technique will easily be overcome by a motivated attacker. You should look into encrypting your strings, rather than obfuscating them.

  • If you're looking to obfuscate your source code itself, you really should let a third party tool handle it. Anything you might invent on your own is likely to be easily reverse-invented.

  • EDIT: If you just want to hide an Easter Egg, how about using ROT13?

  • EDIT 2: How about assigning them misleading constants and referencing them in a different static class that is misleadingly named?

.

// in other source file ValidateInput.cs
public const VALID_STRING = "secret";

public class ValidateInput {
    public static bool Validate(string srcText)
    {
         return srcText == VALID_STRING;
    }
    public static void LogicValidSearch()
    {
         return;
    } 
}

//In your main application
if (ValidateInput.Validate(searchBox.Text)) {
    ValidateInput.LogValidSearch();
}
Mike Atlas  2010-07-13 16:03:51
Well I know a bunch of ways to encrypt the string literal, I took a cryptology course. But I don't want anyone to even know there IS an easter egg. So I can't have a line of code that looks like If special case: do easter eggIs there anyway to obfuscate that program flow? For example, something like writing a function and somehow putting it in a dll or anything? I don't actually know what that means but I've heard it tossed around. Thanks
JGord  2010-07-14 18:52:45
See my new edit...
Mike Atlas  2010-07-19 15:05:52
Ah yes, that's more what I was looking for... best answer so far!
JGord  2010-07-20 13:06:44
Just a little creative naming to throw them off ;)
Mike Atlas  2010-07-20 16:16:33
+1  A: 

There's not enough code here to obfuscate effectively. Your only option is hashing the value of "string literal" and encrypting the value of "another string literal". This technique is not safe either because you would have to expose your encryption method.

BC  2010-07-13 16:07:12

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?