how do you check the quality of your obfuscation of a .net assembly?
-
great info. thanks a million. could you name a few stand-alone deobfuscators?
diligent hands rule....
Try also this... http://ilspy.net/[^]
NKS
-
Try also this... http://ilspy.net/[^]
NKS
-
my assembly is .NET user control in C#. after I obfuscate it, I want to check how good is the obfuscation. So I used Red-gate Reflector to check class, method etc. What is your way to check the quality of obfuscation of a .net assembly?
diligent hands rule....
It feels funny to me to obfuscate a user control. What is there to keep secret? Usually people obfuscate important algorithms. Admitted, to break an obfuscation, an attacker will try to start fooling around with user controls and see what modifications that does to the execution of the application. People with need for strong obfuscations normally do not obfuscate byte code languages. These have a tendency to be easy to de-obfuscate. Strong obfuscations are done on machine code programs. I'm doing obfuscations for business. Like the original poster I would love to know the quality of obfuscations. I bet my obfuscations are unbreakable by amateurs. But how can you find out security against sophisticated attackers? The solution is to pay a readteam. However,for my startup, I would not have the slightest idea where to take the money from. Maybe somebody might try it as a challenge or a crackme, just for bragging rights. But then. if somebody posts an opinion, how much would you believe it? Chris Chris Jacobi Founder White Hawk Software www.whitehawksoftware.com
-
my assembly is .NET user control in C#. after I obfuscate it, I want to check how good is the obfuscation. So I used Red-gate Reflector to check class, method etc. What is your way to check the quality of obfuscation of a .net assembly?
diligent hands rule....
I open the binaries in ILSpy and if ILSpy doesn't throw an exception then the obfuscation is not good enough
-
I once used an obfuscator that prevented both ILDasm and Reflector from even opening the assemblies. It removed the headers. I'm not sure how it got to bind the assemblies without the headers, but I think it would go further on making it harder to unobfuscate the assemblies.
To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson ---- Our heads are round so our thoughts can change direction - Francis Picabia
-
ILSpy is the open-source .NET assembly browser and decompiler. If you have a c# DLL File or EXE, you can save decompiled assembly as .csproj and Assembly as C# Project.
NKS
-
thanks. it is great tool.
diligent hands rule....
-
ILSpy is the open-source .NET assembly browser and decompiler. If you have a c# DLL File or EXE, you can save decompiled assembly as .csproj and Assembly as C# Project.
NKS
I am using it right now besides some others..
diligent hands rule....
-
It feels funny to me to obfuscate a user control. What is there to keep secret? Usually people obfuscate important algorithms. Admitted, to break an obfuscation, an attacker will try to start fooling around with user controls and see what modifications that does to the execution of the application. People with need for strong obfuscations normally do not obfuscate byte code languages. These have a tendency to be easy to de-obfuscate. Strong obfuscations are done on machine code programs. I'm doing obfuscations for business. Like the original poster I would love to know the quality of obfuscations. I bet my obfuscations are unbreakable by amateurs. But how can you find out security against sophisticated attackers? The solution is to pay a readteam. However,for my startup, I would not have the slightest idea where to take the money from. Maybe somebody might try it as a challenge or a crackme, just for bragging rights. But then. if somebody posts an opinion, how much would you believe it? Chris Chris Jacobi Founder White Hawk Software www.whitehawksoftware.com
inside my user control I do have some algorithms to protect. I checked your website, but not see product yet...
diligent hands rule....
-
thanks. it is great tool.
diligent hands rule....
glad I could help!
-
my assembly is .NET user control in C#. after I obfuscate it, I want to check how good is the obfuscation. So I used Red-gate Reflector to check class, method etc. What is your way to check the quality of obfuscation of a .net assembly?
diligent hands rule....
See if this tool can de-obfuscate your obfuscation: http://de4dot.com/[^]