. Net Program obfuscation, security, protection, encryption

Link: http://www.svnhost.cn/Article/Detail-173.shtml

 

Decompilation tool:. net decompilation tool reflector tool. NET Reflector plug-in FileDisassembler

Everyone knows that software developed by. net is compiled into dll or exe files at the time of release, regardless of the WebForm project or WinForm project. However, we often want to view the software source code and lift some restrictions for learning or other purposes. At this time, the decompilation technology will come in handy. The reflector mentioned above is such a tool.

It can decompile the dll, exe, and other target files into the source code. If the target file is not obfuscated or encrypted, the source code obtained by decompilation is almost the same as the source code before software compilation. This poses a serious risk to the copyright and security of the program.

There is also a toolILDASMYou can decompile the target file into the IL source code. Then we can modify the IL source code and then useILASMCompile the IL source code to obtain a modified target file, which removes some restrictions of the program, such as the time limit and the number of times of use.

So how can we protect our programs from being modified?

During the past two days, compilation, decompilation, and obfuscation were performed. Summary:

1. Add a strong signature to the project. Procedure: Right-click the project, select Properties, find the signature tab, create a signature file, and enter the password.

2. After the project is released, the dll and exe files will be obfuscated. the obfuscation tool is Dotfuscator Professional Edition 4.2. To confuse web projects, exclude the web project file rename function. Otherwise, the aspx file cannot reference the dll assembly. Pay attention to the reference of the HttpModule class.

3. If you are not at ease, you can shell the obfuscated files. Shell tool: MaxtoCode.Professional.2007.v3.21-Lz0.rar this tool I have not personally tried, interested in their own research.

The above three layers of protection should be able to deal with general cainiao attacks. There is nothing to say in this article, but I 'd like to introduce it to you. It should be helpful for users who are not confused. Avoid detours.

I took a lot of detours. I have been searching for Dotfuscator Professional Edition 4.3 for a long time, and I have been exploring it for a long time with other obfuscation software. I have to mention a software: Xenocode Postbuild, the latest version is 2008, this software is a well-known obfuscator. However, I have not found a good download. If you have any software, please send it to me. NET Reactor (with registration files) is also a obfuscator that can be used to confuse versions earlier than. net 2.0.

Conclusion: The two methods mentioned above, "strong signature" and "Dotfuscator Professional Edition 4.2", are obfuscation methods that are easy to use to protect the assembly. Recommended.