.Net, ILDASM, and Reverse Engineering
-
Here's a question I've always had about .Net: Using the ILDASM tool, you can view the MSIL code of virtually any CLR executable, complete with undecorated variable names and everything. Already, I've seen someone offering the source code to some program that they reverse engineered (granted it was a very simple program). The MSIL syntax is simple enough that the average programmer could recognize exactly how something was being done. Is there a way in .Net to encrypt your MSIL code, or at least obsfucate it a bit? Otherwise, it seems pretty dangerous to me, tantamount to giving out your source code. Nick Carruthers
-
Here's a question I've always had about .Net: Using the ILDASM tool, you can view the MSIL code of virtually any CLR executable, complete with undecorated variable names and everything. Already, I've seen someone offering the source code to some program that they reverse engineered (granted it was a very simple program). The MSIL syntax is simple enough that the average programmer could recognize exactly how something was being done. Is there a way in .Net to encrypt your MSIL code, or at least obsfucate it a bit? Otherwise, it seems pretty dangerous to me, tantamount to giving out your source code. Nick Carruthers
A guy asked the same question one of MS managers at .NET conference in Copenhagen, and the MS guy was not very comfortable with the question. the answer was that they would maybe provide some kind of obfuscator, but it was pretty obvious that they were not sure about that. I guess that they will finally have to provide a solution for this problem in order to sell .NET to businesses, which want to protect their investments. Of course, you can always compile it to native code ;)
-
Here's a question I've always had about .Net: Using the ILDASM tool, you can view the MSIL code of virtually any CLR executable, complete with undecorated variable names and everything. Already, I've seen someone offering the source code to some program that they reverse engineered (granted it was a very simple program). The MSIL syntax is simple enough that the average programmer could recognize exactly how something was being done. Is there a way in .Net to encrypt your MSIL code, or at least obsfucate it a bit? Otherwise, it seems pretty dangerous to me, tantamount to giving out your source code. Nick Carruthers
This issue was widely discussed on a DOTNET list at Developmentor. Here is the link to one of early threads, you can search the archives for more info. Tomasz Sowinski -- http://www.shooltz.com