Book Review
Obfuscating .NET: Protecting your code from prying eyes
By Dan Appleman
Back in 2001 when I had just started learning .Net, I spent a lot of time using ILDasm trying to really get an understanding of how things work (by taking them apart and seeing what they were made of). Then after I started using .Net on a day to day basis, I didn’t find myself using ILDasm as often, because my time was better spent focusing on higher level problems developing solutions to business problems. Now after using .Net for a few years, my needs have evolved as has the tools available. ILDasm is now just another tool in the toolbox used for object browsing, discovery and debugging along with some other utilities such as Lutz Roeder’s Reflector and DILE. As the tools we developers use for troubleshooting and debugging advance, so too do the utilities available to crack our code. Like most software developers, I like to get paid for code that I write and not have it shared unless I choose to. This means I also need a set of tools too protect my code when necessary. One of the tools I can use is obfuscation.
Obfuscating .Net, is an eBook that also includes the code the QND-Obfuscator. The eBook I read was the 2nd Edition and has been updated for .Net 2.0. Dan introduces the need of an obfuscator and some techniques of obfuscation, but spends the most time on member renaming (this is the main technique of the QND-Obfuscator). He explains step by step how to write a member renaming obfuscator. Starting with the end in mind (how the final assembly will have its members renamed), how to access the pieces of an assembly using the Unmanaged Metadata API and then how to update the assembly with the new names. He also points out a few changes that he had to make for .Net 2.0.
If you are in the need of a professional level obfuscation tool, I would not recommend buying this book for the obfuscator. However, if you are looking for a learning experience or some obfuscator code to play around with, I would recommend this book. Even though this book is short and not a lot of obfuscation techniques are really covered, I think the code and its explanation are worth the price of this book.