Obfuscation: Renaming and Simple Code Removal
Do you think obfuscation is something that can be done whenever the code is complete? If you do, you are not alone. It seems most developers treat the obfuscation step of the life cycle pretty much the same as they treat building the installation package (ie. MSI) - it isn't their problem. This idea of obfuscation being someone else's problem or just something that will be done once the code is complete, reminds me of how the integration step use to be treated ... that is until Continuous Integration became widespread. It is true that obfuscation can be put off until the code is complete, but chances are it will be a disappointing and painful step. More ...
Obfuscation: String Encryption
Last time I discussed renaming, this time I want to discuss String Encryption. String Encryption is the process of encrypting quoted strings that appear in your code, these strings are stored in the #US heap in an assembly. The #US heap is made up of strings that are referenced in the IL (or when you write your code these strings are in your methods, properties, etc.). This means when you disassemble or decompile an assembly you will see these strings in plain text. For example, if I want to get around some part of your system that gives me a message like "Invalid Password, Please try again", first thing I would do is disassemble the assembly to an IL file and search for that text. Once I find that message I can start to figure out how to jump over it ... I'm sure you get the point. String encryption is an obfuscation technique that encrypts the strings so they are not simple to read. More ...
Book Review: Obfuscating.Net: Protecting your code from prying eyes
Back in 2001 when I had just started learning .Net, I spent a lot of time using ILDasm trying to really get an understanding of how things work (by taking them apart and seeing what they were made of). Then after I started using .Net on a day to day basis, I didn’t find myself using ILDasm as often, because my time was better spent focusing on higher level problems developing solutions to business problems. Now after using .Net for a few years, my needs have evolved as has the tools available. ILDasm is now just another tool in the toolbox used for object browsing, discovery and debugging along with some other utilities such as Lutz Roeder’s Reflector and DILE. As the tools we developers use for troubleshooting and debugging advance, so too do the utilities available to crack our code. Like most software developers, I like to get paid for code that I write and not have it shared unless I choose to. This means I also need a set of tools too protect my code when necessary. One of the tools I can use is obfuscation. More ...
Obfuscation Resources
Blogs
.Net Obfuscator
Rss Feed
Obfuscator
Rss Feed
Websites
Code Obfuscation
Documentation
Articles
Obfuscation and
obfuscators
Obfuscation
Obfuscation: Cloaking you
Code from Prying Eyes
Deploying
Visual Basic .Net Applications: Obfuscation Systems
Obfuscate
It: Thwart Reverse Engineering of Your Visual Basic.Net or C# Code
Obfuscation and
Decompilation
.Net Obfuscators
On the
(Im)possibility of Obfuscating Programs
Review:
Eschew Obfuscation? Maybe You Shouldn't
The .Net Framework &
Protecting you Code - Introduction
Intellectual Property
Protection and Code Obfuscation
Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection
Obfuscation of executable code to improve resistance to static disassembly
Protect
.Net work with obfuscation
Obfuscation and .Net
Secure Your .Net Code
Obfuscation - Protect
your Assemblies and Executables
Giving a .Net
Assembly a Strong Name
Essential
Obfuscate Technical Whitepaper
Obfuscation
Presentations
Creating a .Net
Obfuscator by Godfrey Nolan
.Net Obfuscation
by Godfrey Nolan
Application
Code Security by Gabriel Torok
Deobfuscation:
Reverse Engineering Obfuscated Code by Sharath Udupa, Saumya Debray,
Matias Madou
Decompilation & Obfuscation by John T. Hopkins
Books
Obfuscating .Net: Protecting Your Code From Prying Eyes by Daniel
Appleman
Obfuscators
Salamander.Net
Obfuscator
Demeanor for .Net,
Enterprise edition
Spices.Net Suite
Dotfuscator
{ smartassembly }
Tools lists
Code Obfuscation
Tools
Code
protection - Objfuscation
Comparisons
How-To-Select an
Obfuscation Tool for .Net