. NET DLL Protection measures (v) cracking under normal conditions

In order to prove that under conventional means can effectively protect the core function of the program (the demo version of the AES encryption and decryption algorithm and the database key (a string) is protected), the DLL protection thinking of the corresponding test, including the anti-compilation and reflection testing, See if we can get the key and database string of AES encryption and decryption algorithm.

　　Anti-compilation:

I'm using the. NET DLL anti-compilation tool Ilspy, and the following is true.

1. NetProtect.BLLDemo.dll

2. NetProtect.ConsoleApplication1.exe

3. NetProtect.CoreClr.dll

　　

　　

Synthesis, it can be found that the anti-compilation is not effective information (AES key and database key), the realization of " can not see " the purpose.

Reflection:

First I prepared the following test code, create a new console application, and add the following code to the Program.cs:

Console.WriteLine ("WinForm Demo of DLL Protection"); Console.WriteLine ("------------------------------------------------------"); var a = Assembly.loadfile ( Path.Combine (Application.startuppath, "NetProtect.CoreClr.dll")), Object dalobj = A.createinstance (" Netprotectcoreclr "); Type t = a.gettype ("Netprotectcoreclr", false, True); var dal = T.getfield ("Dalclassobj"). GetValue (dalobj). GetType (); object coreassmbly = Dal. Assembly.createinstance ("Core"); Type T1 = dal. Assembly.GetType ("Core", false, true); MethodInfo method = t1. GetMethod ("Getdatabasepassword"); var result = method. Invoke (coreassmbly, NULL); Console.WriteLine ("Get Password:" + result); fieldinfo[] Fieldarray = t1. GetFields (BindingFlags.NonPublic | bindingflags.instance); foreach (Var f in Fieldarray) {    Console.WriteLine (string. Format ("{0}:{1}", F.name, F.getvalue (coreassmbly). ToString ()));} Console.readkey ();

Then build the project, run EXE, get:

　　

As you can see, the program has an exception (this caller is unauthorized (0x11111111), and this exception is a safeguard to verify that the caller's identity has not been thrown through ( in practice, Anti-compilation of the corresponding EXE and DLL re-generated or through the current presentation of the direct reflection will verify that does not pass ), the core code in the protection measures played an effective role. Realize the non-legal identity of the "cannot tune" the purpose.

Through the above two aspects of the verification, it can be concluded that this idea has improved the level of protection under the conventional conditions.

. NET DLL Protection series

--------------------------------------------------------------------------------------------

. NET DLL protection measures (i) (non-obfuscation encryption shell). NET DLL protection measures (ii) a detailed description of the performance of the. NET DLL protection measures (iii) the final effect. NET DLL protection measures in detail (iv) the operation of each operating system. NET DLL protection measures (v) Cracking under the normal conditions

. NET DLL Protection measures (v) cracking under normal conditions