Obfuscation of Your .NET Application Code

Developers find themselves in a situation in which they have to secure code through Obfuscation -- a term that is defined as "technique to complicate code so that they are hard to be reverse-engineered". Although .Net assemblies are the easiest to be hacked, on a lighter note, someone also said: "The only things that hackers don't get are the comments!"

Wikipedia defines Obfuscated code in a precise manner: "Obfuscated code is source or machine code that has been made difficult to understand for humans. Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or its logic to prevent tampering, deter reverse engineering, or as a puzzle or recreational challenge for someone reading the source code. "

Microsoft .Net architecture's fundamental principle is to convert all of its language code to MSIL (Microsoft Intermediate Language) that contains a good level of metadata that describes members, types and other code blocks that help many to recover the original code. Hence tools like Reflector can easily decompile compiled .net assemblies and provide us source code. And this source code is re-compliable!

The argument whether one should obfuscate code so as to protect the intellectual property is often debatable. Software companies choose to do this for tools they create so as not to lose business. Others simply choose to reside their secret code on the servers and ask Clients to get their requests processed on the servers. You might also be interested to know that the company which now owns Reflector (a popular tool for exploring and decompile assemblies) also provides us the SmartAssembly - a .Net obfuscator.

An obfuscator tool does the work for you. And following are the key features that an obfuscator tool should possess:

  1. Restructuring of code
  2. Encryption of textual - string information in the code
  3. Encryption of resource files such as images, icons, and any other propriety information

You don't have to look out for new ones, as one of the Obfuscators is packaged with Visual studio. The latest version of Visual studio now has the Dotfuscator Software services with it for free.

The Dotfuscator Software Services can be launched from the Tools menu. All you have to do is, start the obfuscator service and add assemblies that you need to obfuscate. Then choose the Build option from the tool. It will ask you save this obfuscated project. Once built, it would save it in the project location. The following figure provides a clear cut - explanation.

Start the obfuscator service and add assemblies that you need to obfuscate
Figure 1: Start the obfuscator service and add assemblies that you need to obfuscate

Do not forget to read the interesting article titled "Thwart Reverse Engineering of Your Visual Basic .NET or C# Code " by Gabriel Torok and Bill Leach which explains the 2003 version of dotfuscator tool and its essential techniques.

Visual basic developer center also hosts a series of videos in this regard.

Thanks for reading!

References:

Obfuscated code

Thwart Reverse Engineering of Your Visual Basic .NET or C# Code

Dotfuscator Software Services in Visual Studio 2010



About the Author

Srinath M S

I would love to leave a footprint in this flat world

Comments

  • There are no comments yet. Be the first to comment!

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Protecting business operations means shifting the priorities around availability from disaster recovery to business continuity. Enterprises are shifting their focus from recovery from a disaster to preventing the disaster in the first place. With this change in mindset, disaster recovery is no longer the first line of defense; the organizations with a smarter business continuity practice are less impacted when disasters strike. This SmartSelect will provide insight to help guide your enterprise toward better …

  • If you need new tools and tricks to make your meetings profitable and productive, then 5 Tips in 5 Minutes: A Quick Guide for More Profitable Sales Meetings is for you. Timely, practical tips that you can incorporate in just seconds will save you literally hours in travel and meeting time, not to mention help you to focus on what your sales prospects really want to know and how you can meet their needs. Get 5in5: A Quick Guide for More Profitable Sales Meetings and start building your sales the smarter, faster …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds