How to Protect DLL files in. Net (Prevent Cracking and decompile DLL files ))

Source: Internet
Author: User
Tags reflector

. Net is a language based on virtual machines. It directly generates the msil intermediate language, and then the. NET compiler JIT interprets the image as the local code and delivers the CPU for execution. The intermediate language is easily decompiled, so we will study how to effectively protect DLL files.

My general method is:Strong signature + obfuscation + encryption.

Strong Signature
A strongly-named Assembly ensures that your assembly is unique without being tampered with or exploited. Even if the Assembly with the same name has different signatures.
Strong signatures are simple

Add a strong name for the project:
1. Right-click the project and open the Properties window;
2. Select the signature tab in the Properties window, select the Assembly signature option, and select new from the drop-down list, as shown in:

3. Open the new signature window and enter the name and password of the signature, as shown in:
 

 

Click OK to add the signature. Add a strong name to the DLL file without source codeIf the project references other DLL files without source code, and the DLL file is an assembly without a strong name, during compilation, errors such as "assembly generation failed -- referenced assembly 'xxxxxxxxxxxxxx' with no strong name" will occur.
I reference the InterOP. Scripting. dll assembly here. It is not a strong name and requires the following operations:
1. Open the SDK Command Prompt window;

 

2. Create a new random key pair:
Sn-K InterOP. Scripting. SNK
3. decompile the Target Assembly
Ildasm InterOP. Scripting. dll/out = InterOP. Scripting. Il
3. recompile with strong name Parameters
Ilasm InterOP. Scripting. il/dll/resource = InterOP. Scripting. Res/Key = InterOP. Scripting. SNK/optimize
4. Verify the signature information
Sn-V InterOP. Scripting. dll

OK. re-introduce the generated DLL file to the project and compile it.

Note: The unsigned main program can reference signed or unsigned assembly, but the signed main program cannot reference the unsigned assembly. (There are corresponding solutions in the above article)

Obfuscation
Obfuscation is to blur the msil intermediate code generated by compilation. The simplest obfuscation is name obfuscation, the purpose of changing the namespace name, class name, method name, field name, and so on to special or other symbols is to make people dizzy, but does not change the program execution logic.
I am using dotfuscator for obfuscation.
Dotfuscator obfuscation method:
1. Create a new project, as shown in:

2. Select the DLL and exe files to be confused, as shown in

3. Select the Library Attribute in the attribute (it is very important because I want to confuse the DLL file here. If it is not selected, it cannot be called correctly after obfuscation !), As shown in:

4. Select the bulid label and click the bulid button for confusion.

We can also choose other tags to encrypt strings, add watermarks, and other operations. Here I use another method for encryption, so no operation is selected.
OK ,after completion, we can use reflector.exe to decompile the mixed DLL file. We can compare the source code to see the effect.

  EncryptionNext, we will continue to encrypt the obfuscated DLL files to further protect the DLL files.
The encryption tool I use is maxtocode.
After you open the software, switch to Chinese. You can see that it is very simple. After adding the DLL file, click execute encryption. Other options, such as encrypted strings and strong names, are easy to use. You will find them at a glance, and the help of maxtocode is very friendly. After reflector.exe is decompiled, it is found that the DLL file is encrypted more thoroughly because the content of the main function is hidden. Through the above three steps, your DLL file can be free from cracking by the average person, of course, it is impossible to absolutely prevent being cracked.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.