.NET reverse engineering
-
I remembered reading an article during the beta 2 days on how ILDASM provided access to source code. When this popped into my head this evening, I decided to give it a whirl and sure enough, ILDASM spit out every line of my little test program. I also noticed that some companies have release .NET tools and claim that there's no unmanaged code. There's got to be some way that they've prevented this easy reverse engineering. I read that there's a switch in ilasm called /owner, but this was in beta 2 and appears to have been removed. Does this sort of thing concern anyone else? I'd have to have a good solution to this problem before I start pitching .NET components to my company.
-
I remembered reading an article during the beta 2 days on how ILDASM provided access to source code. When this popped into my head this evening, I decided to give it a whirl and sure enough, ILDASM spit out every line of my little test program. I also noticed that some companies have release .NET tools and claim that there's no unmanaged code. There's got to be some way that they've prevented this easy reverse engineering. I read that there's a switch in ilasm called /owner, but this was in beta 2 and appears to have been removed. Does this sort of thing concern anyone else? I'd have to have a good solution to this problem before I start pitching .NET components to my company.
There are commercial obfuscators out there. Here is one: http://www.wiseowl.com/products/Products.aspx Regards, Suresh
-
I remembered reading an article during the beta 2 days on how ILDASM provided access to source code. When this popped into my head this evening, I decided to give it a whirl and sure enough, ILDASM spit out every line of my little test program. I also noticed that some companies have release .NET tools and claim that there's no unmanaged code. There's got to be some way that they've prevented this easy reverse engineering. I read that there's a switch in ilasm called /owner, but this was in beta 2 and appears to have been removed. Does this sort of thing concern anyone else? I'd have to have a good solution to this problem before I start pitching .NET components to my company.
What this means is that basically .NET is open-source by nature :-) Every .NET executable and component can be easily seen in IL source code [or perhaps even in their language of development] Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
What this means is that basically .NET is open-source by nature :-) Every .NET executable and component can be easily seen in IL source code [or perhaps even in their language of development] Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
I remembered reading an article during the beta 2 days on how ILDASM provided access to source code. When this popped into my head this evening, I decided to give it a whirl and sure enough, ILDASM spit out every line of my little test program. I also noticed that some companies have release .NET tools and claim that there's no unmanaged code. There's got to be some way that they've prevented this easy reverse engineering. I read that there's a switch in ilasm called /owner, but this was in beta 2 and appears to have been removed. Does this sort of thing concern anyone else? I'd have to have a good solution to this problem before I start pitching .NET components to my company.
This topic has been brought up a few times on the DOTNET mailing list. Here is a quick search through the archives, where a few different threads came up. Look at the "ANN: Demeanor for .NET" thread especially. Personally I don't see ILDASM as a bad thing, it gives an asm like view to your .NET code; for the most part this isn't really a big deal. While someone is busy trying to reproduce your source you can go off and make your product better. Too make that even harder run a tool like Demeanor on the assembly, its still possible to figure out whats going on, just more difficult. Everything is crackable, you just need time and determination. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
-
This topic has been brought up a few times on the DOTNET mailing list. Here is a quick search through the archives, where a few different threads came up. Look at the "ANN: Demeanor for .NET" thread especially. Personally I don't see ILDASM as a bad thing, it gives an asm like view to your .NET code; for the most part this isn't really a big deal. While someone is busy trying to reproduce your source you can go off and make your product better. Too make that even harder run a tool like Demeanor on the assembly, its still possible to figure out whats going on, just more difficult. Everything is crackable, you just need time and determination. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
There's a difference between crackable and for all intents and purposes "Open Source". It takes little skill to run ildasm. One can go through the pros of open sourcing, but in the real world where there are business "secrets" that argument just won't fly.
-
Not really correct. Once obfuscated reading IL is not very different from reading X86 assembly code. It maybe takes a little more skill to read assembly. That is about all the difference though. Regards, Suresh
G. Suresh wrote: Once obfuscated reading IL is not very different from reading X86 assembly code. But obfuscation tools are all commercial, right? Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
This topic has been brought up a few times on the DOTNET mailing list. Here is a quick search through the archives, where a few different threads came up. Look at the "ANN: Demeanor for .NET" thread especially. Personally I don't see ILDASM as a bad thing, it gives an asm like view to your .NET code; for the most part this isn't really a big deal. While someone is busy trying to reproduce your source you can go off and make your product better. Too make that even harder run a tool like Demeanor on the assembly, its still possible to figure out whats going on, just more difficult. Everything is crackable, you just need time and determination. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
James T. Johnson wrote: Everything is crackable, you just need time and determination. Yeah but now only determination is needed. ildasm does not require too much time. Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
This topic has been brought up a few times on the DOTNET mailing list. Here is a quick search through the archives, where a few different threads came up. Look at the "ANN: Demeanor for .NET" thread especially. Personally I don't see ILDASM as a bad thing, it gives an asm like view to your .NET code; for the most part this isn't really a big deal. While someone is busy trying to reproduce your source you can go off and make your product better. Too make that even harder run a tool like Demeanor on the assembly, its still possible to figure out whats going on, just more difficult. Everything is crackable, you just need time and determination. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
James T. Johnson wrote: While someone is busy trying to reproduce your source you can go off and make your product better. A very good point, especially given that, James T. Johnson wrote: Everything is crackable, you just need time and determination. There is no such thing as a risk-free existence, I just wish someday that lawyers would learn that:-D
-
There's a difference between crackable and for all intents and purposes "Open Source". It takes little skill to run ildasm. One can go through the pros of open sourcing, but in the real world where there are business "secrets" that argument just won't fly.
billb2112 wrote: It takes little skill to run ildasm. Precisely. But even without it more skilled crackers would have found methods... Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
There's a difference between crackable and for all intents and purposes "Open Source". It takes little skill to run ildasm. One can go through the pros of open sourcing, but in the real world where there are business "secrets" that argument just won't fly.
billb2112 wrote: It takes little skill to run ildasm Correct, almost no skill is needed to run it; but to be able to use the output does take some skill. ildasm doesn't spit out C#/VB.NET code, you still have to have the same sort of skill set that reading assembly takes. Yes the job is made easier by getting names of methods/types but that only helps to a point. Even if the component was written in unmanaged code the same applies for cracking a program, with time and determination you can find out what a program is doing under it covers. Does .NET make that a little easier, certainly. In most cases does that really matter? No, because if someone was bound and determined to figure how you do something they can do that through observation or by spending quality time with the disassembly. In the case where you want to keep "secrets" a secret you should look at using a proxy object to keep the actual program on a secure computer having all requests go through the proxy which then communicates to a proxy on the secure computer which then communicates with the real application. All communication is 128 bit encrypted of course. That is probably as secure as you can get ;) For the record I have never been pro open source for any "real" program since it doesn't pay the bills. :-D Now, when I go to ship my .NET products am I going to run them through Demeanor? Yep :) Am I a hypocrite? I don't think so, I understand what it would take for someone to take and run ildasm on my components and get the IL. And I'd like to make it a little more difficult to understand the IL :) James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
-
James T. Johnson wrote: Everything is crackable, you just need time and determination. Yeah but now only determination is needed. ildasm does not require too much time. Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
The new color text looks good, Nish... easy on the eye, as they say...
-
The new color text looks good, Nish... easy on the eye, as they say...
Thanks Roger. I have a bad reputation on CP regarding my colors. I mean, I once did a CP wallpaper thinking that people would be glad I did that, but unfortunately everyone seemed pissed about the colors :-) :-) :-) Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
-
James T. Johnson wrote: Everything is crackable, you just need time and determination. Yeah but now only determination is needed. ildasm does not require too much time. Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
Nish [BusterBoy] wrote: Yeah but now only determination is needed. Time is still required, because it'll take time to figure out the code; granted less time than if looking at x86 but you don't get instant C#. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
-
Nish [BusterBoy] wrote: Yeah but now only determination is needed. Time is still required, because it'll take time to figure out the code; granted less time than if looking at x86 but you don't get instant C#. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
Actually, now that I think about it back in Beta 1 someone had written an IL -> C# (de)compiler. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972
-
G. Suresh wrote: Once obfuscated reading IL is not very different from reading X86 assembly code. But obfuscation tools are all commercial, right? Nish Nish was here, now Nish has gone; He left his soul, to turn you on; Those who knew Nish, knew him well; Those who didn't, can go to hell. I like to :jig: on the Code Project Sonork ID 100.9786 voidmain www.busterboy.org
Currently that is the case; but I would guess within the next year an open source one will be started, and while it won't be as good as the commercial ones it'll get the job done. James Sonork ID: 100.11138 - Hasaki "My words but a whisper -- your deafness a SHOUT. I may make you feel but I can't make you think." - Thick as a Brick, Jethro Tull 1972