avoid .net reflector
-
Hi. Since ".net reflector" can decompile the assembly which means that all of the source can be restored, does any one know how to avoid that? since i have encryption keys stored in the assembly and can by seen with the .net reflector? This has been bothering me for a few month. Thanks.
-
Hi. Since ".net reflector" can decompile the assembly which means that all of the source can be restored, does any one know how to avoid that? since i have encryption keys stored in the assembly and can by seen with the .net reflector? This has been bothering me for a few month. Thanks.
-
Hi. Since ".net reflector" can decompile the assembly which means that all of the source can be restored, does any one know how to avoid that? since i have encryption keys stored in the assembly and can by seen with the .net reflector? This has been bothering me for a few month. Thanks.
You can obfuscate the assembly. VS2005 includes a Dotfuscator Community Edition (light version). Many other obfuscator tools exist with prices from a couple of hundred to several thousand USD. (See also this Google search[^].)
-
Hi. Since ".net reflector" can decompile the assembly which means that all of the source can be restored, does any one know how to avoid that? since i have encryption keys stored in the assembly and can by seen with the .net reflector? This has been bothering me for a few month. Thanks.
Use an obfuscator. Visual Studio comes with the free edition of Dotfuscator, which can rename the symbols in your application. However, in order to achieve a higher degree of protection you'll need more than that. The superior versions Dotfuscator and most similar products have something called string encryption, which will prevent decompilers from reading keys, passwords, etc that are stored as strings in your app. There are a myriad of commercial obfuscators out there and some of them have sponsored articles here on CP. If you want to invest some money into this I recommend {smartassembly}(trial version available on their site). It's way way cheaper than Dotfuscator or Spices.Obfuscator and it's very easy to use. Also, VERY IMPORTANT: if you use features such as serialization, reflection or remoting in your app, you'll have to be very careful with those classes/methods because most obfuscators break the application if those sections of your code are not excluded from renaming. As far as I saw from the trial version, {smartassembly} does that automatically, so that's a big advatage. But download some trials and see which one fits you.
-
Hi. Since ".net reflector" can decompile the assembly which means that all of the source can be restored, does any one know how to avoid that? since i have encryption keys stored in the assembly and can by seen with the .net reflector? This has been bothering me for a few month. Thanks.
As long as your program is able to extract the encryption keys, a hacker is able to do that, too. With or without an obfuscator.
-^-^-^-^-^- no risk no funk ................... please vote ------>