Allow C # EXE to run as long as it is modified to support obfuscation and digital certificates

The original: so that C # EXE can not run as long as modified, support confusion and digital certificate

First use the SN tool of the SDK or the MakeCert tool to generate the public key and key, recommend MakeCert, do your own certificate, I made a trusted root certificate placed in the trusted root certification authority, with this root certificate issued a subordinate certificate in an authentication book. The two certificates are saved, usually to the program signed with this sub-certificate on the line. Later all use this one, appear normal point.

Program Properties-Signature The ClickOnce and the program manifest signature are selected, timestamp with this Http://timestamp.wosign.com/timestamp

2 are selected from the file, here with the sub-certificate of the one with the key PFX, need to fill in the password.

This is not tamper-proof after compilation, because Microsoft has a skip mechanism, so that only the generated DLL to the GAC to check whether strong names match, and a separate exe is useless, modify the inside of something can still be executed. Microsoft said that you can add a mandatory check in the App. Config, that is, as long as the modified EXE can not be executed, but only exe always with that app. config in the same directory, if you take out the EXE alone can not.

How to put that sentence into EXE, I spend a half a day, finally think of a method, usually only pay attention to the function realized, didn't think. NET security mechanism so complex.

This method is either console or WinForm, regardless of the 2.0 3.0 3.5 4.0 generic.

If this is the console program, add the following in main

System.Security.Policy.Evidence Evi = new System.Security.Policy.Evidence (); Evi. Addhost (New System.Security.Policy.Zone (System.Security.SecurityZone.Intranet)); System.Security.PermissionSet PS = new System.Security.PermissionSet ( System.Security.Permissions.PermissionState.None); Ps. Addpermission (New System.Security.Permissions.SecurityPermission ( System.Security.Permissions.SecurityPermissionFlag.Assertion | System.Security.Permissions.SecurityPermissionFlag.Execution | System.Security.Permissions.SecurityPermissionFlag.BindingRedirects)); Ps. Addpermission (New System.Security.Permissions.FileIOPermission ( System.Security.Permissions.PermissionState.Unrestricted)); AppDomainSetup ads = new AppDomainSetup (); Ads. ApplicationBase = System.IO.Directory.GetCurrentDirectory (); AppDomain app = Appdomain.createdomain ("Jiaoyanshifougaidongguo", Evi, ADS, PS, NULL); try {String Jiaoyanshifougaidongguo = (string) app. CreateInstanceFromAndUnwrap (System.Diagnostics.Process.GetCurrentProcess (). Mainmodule.filename, typeof (String). FullName); AppDomain.Unload (APP); } catch (Exception e) {appdomain.unload (APP); if (E.message.contains ("8013141A") | | | e.message.contains ("8013141a")) {Console.writelin E ("This program has been modified to not allow execution.") "); System.Threading.Thread.Sleep (6000); Return } }

If it is a WinForm program, add the following in main

System.Security.Policy.Evidence Evi = new System.Security.Policy.Evidence (); Evi. Addhost (New System.Security.Policy.Zone (System.Security.SecurityZone.Intranet)); System.Security.PermissionSet PS = new System.Security.PermissionSet ( System.Security.Permissions.PermissionState.None); Ps. Addpermission (New System.Security.Permissions.SecurityPermission ( System.Security.Permissions.SecurityPermissionFlag.Assertion | System.Security.Permissions.SecurityPermissionFlag.Execution | System.Security.Permissions.SecurityPermissionFlag.BindingRedirects)); Ps. Addpermission (New System.Security.Permissions.FileIOPermission ( System.Security.Permissions.PermissionState.Unrestricted)); AppDomainSetup ads = new AppDomainSetup (); Ads. ApplicationBase = System.IO.Directory.GetCurrentDirectory (); AppDomain app = Appdomain.createdomain ("Jiaoyanshifougaidongguo", Evi, ADS, PS, NULL); try {String Jiaoyanshifougaidongguo = (string) app. CreateInstanceFromAndUnwrap (System.Diagnostics.Process.GetCurrentProcess (). Mainmodule.filename, typeof (String). FullName); AppDomain.Unload (APP); } catch (Exception e) {appdomain.unload (APP); if (E.message.contains ("8013141A") | | | e.message.contains ("8013141a")) {SYSTEM.WINDOWS.F Orms. MessageBox.Show ("This program has been modified to not allow execution.") "," Danger! ", System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Stop, System.Windows.Forms.MessageBoxDefaultButton.Button1, System.Windows.Forms.MessageBoxOptions.DefaultDesktopOnly , false); Return } }

The principle is that the zone of the desktop program is MyComputer, is fully trusted, so there is a strong name to skip, the code is built an intranet AppDomain, not full trust, so will check the strong name, the AppDomain is empty, The goal is not to execute the content but to let. NET check the strong name, when execution to the code will go wrong, so put it in the first sentence below main, if the check will not affect the following normal code. In. Net4 the above code can be simpler, there is a sandbox getstandardsandbox, but 2 and 3 does not, it is not universal, and so no matter 234 is generic, so 4 will report some methods obsolete, do not control it.

Then compile the line, so that you do not have to telework with App. config, as long as the changes can not be executed, there will be "modified not allowed to execute" prompt, and then the program will automatically close.

This is not enough, the anti-compilation is easy to remove, need to be confused.

Directly confuse this EXE, double-click can't execute it. Don't worry.

With the Sn.exe and then the sub-certificate PFX to this confused EXE again signed can be executed, well, so exe not only confused, and was added a strong name signature, as long as the modification of 1 bytes can not be run. Sn-r is re-signed.

Continue, with the digital signature, SignTool tool, or just the sub-certificate, so right-click to see this.

So this program as long as a change, then not only can not execute, and right-click to see the digital certificate, also pass, is this

And EXE is still confused, hehe hey, it's done.

Of course, I use MakeCert to do the certificate on their own machine, the display "digital signature is OK", but the other person's machine does not have your certificate, will show that cannot verify the certificate, but still will be verified, that is, if the EXE changed, then it will show "invalid digital signature" instead of " Unable to verify the certificate ", so this point can also verify whether it has been tampered with, but in fact no need, this is only good-looking use, because just said, as long as the changes can not run the operation.

If you use more people, you can let the user put your certificate into his certificate library or to buy a real certificate, so that the Red fork will not be out.

Allow C # EXE to run as long as it is modified to support obfuscation and digital certificates