I'm using ILSpy to look at a .dll. A Majority of the classes are in english, but some of the classes are in the weird letters that I can't explain. I'm wondering if there is an error with the .dll or ILspy or if you it needed to be decompiled differently.
Because the code has been obfuscated, it's a way of making the code so hard to understand that it deters reverse engineering.
Usually PreEmptive's Obfuscation tool comes in Visual Studio, check it out. You could also try Market Place, Nuget & Visual Studio Gallery for more.
If you wish to de-obfuscate the DLL it might be possible with an old copy of the code and refactoring based on that. Otherwise you will find that Obfuscation is typically one way, eg renaming a btnSave to a1 is irreversible.
Related
I wrote a windows application using C# .Net 2.0 and i want to do something which hide the source code, so when any one use refactor tool can't see the source code.
I used dotfuscator but it just changed the function names but not all the source code.
UPDATE:
I want to hide the source code, not because of hiding the key, but to hide how the code is working.
Thanks,
IL is by definition very expressive in terms of what remains in the body; you'll just have to either:
find a better (read: more expensive) obfuscator
keep the key source under your control (for example, via a web-service, so key logic is never at the client).
Well, the source code is yours and unless you explicitly provide it, youll perobably only be providing compiled binaries.
Now, these compiled binaries are IL code. To prevent someone "decompiling" and reverse engineering your IL code back to source code, you'll need to obfuscate the IL code. This is done with a code obfuscator. There are many in the marketplace.
You've already done this with dotfuscator, however, you say that it only changed the function names, not all the source code. It sounds like you're using the dotfuscator edition that comes with Visual Studio. This is effectively the "community edition" and only contains a subset of the functionality of the "professional edition". Please see this link for a comparison matrix of the features of the community edition and the professional edition.
If you want more obfuscation of your code (specifically to protect against people using tools such as Reflector), you'll need the professional edition of Dotfuscator, or another code obfuscator product that contains similar functionality.
As soon as people get a hand on your binaries they can reverse-engineer it. It’s easier with languages that are compiled to bytecode (C# and Java) and it’s harder with languages that are compiled to CPU-specific binaries but it’s always possible. Face it.
Try SmartAssembly
http://www.smartassembly.com/index.aspx
There are limits to the lengths obfuscation software can go to to hide the contents of methods, fundamentally changing the internals without affecting the correctness (and certainly performance) is extremely hard.
It is notable that code with many small methods tends to become far harder to understand once obfuscated, especially when techniques for sharing names between methods that would appear to collide to the eye but not to the runtime are employed.
Some obfuscators allow the generation of constructs which are not representable in any of the target languages, the set of all operations allowable in CIL for example is way more than that expressible through c# or even C++/CLI. However this often requires an explicit setting to enable (since it can cause problems). This can cause decompilers to fail, but some will just do their best and work around it (perhaps inlining the il it cannot handle).
If you distribute the pdb's with the app then even more can inferred due to the additional symbols.
Just symbol renaming is not enough of a hindrance to reverse-engineering your app. You also need control flow obfuscation, string encryption, resource protection, meta data reduction, anti-reflector defenses, etc, etc. Try Crypto Obfuscator which supports all this and more.
Create a setup project for your application and install the setup on your friends computer like a software. There are 5 steps to creating the setup project using microsoft visual studio.
Step 1: Create a Sample .Net Project. I have named this project as "TestProject" after that build your project in release mode.
Step 2: Add New Project using right click on your solution and select setup project and give the name this as "TestSetup".
Step 3: Right click on setup project and Add primary Output and select your project displayed.
Step 4: Right Click the setup project and select View-> File System -> Application Folder. Now copy what you want to be in installation folder.
Step 5: Now go to our project folder and open the release folder you can get the setup.exe file here. Double click on the "TestSetup" file and install your project to your and other computer.
Visual Studio has a "Refactor Rename" feature where I can right-click any type or member and rename it, and it will update all references within a project or solution to match. Is this functionality accessible from MSBuild command line tools, without having to open Visual Studio?
(I'm doing this because I have a project that is so large that Visual Studio runs out of memory while attempting to calculate where the rename is needed).
As far as I'm aware that's not something that's available outside of Visual Studio; although you probably have a couple of avenues available for getting it done.
The first thing that I'd try is using a lighter editor, VSCode, Atom, etc. Something that uses less memory, but will still hopefully let you get the rename done. You might have to use a regex find/replace to get it done; whether that's an option kind of comes down to if you can make an accurate regex.
If you can actually get the project open in VS with no (or less, at least) problems, then you could also start unloading projects that aren't relevant to the rename. If you know that it's only available in certain projects then unload everything else, perform your rename, and reload the projects. If it's everywhere then you might still be able to do something similar to this, perform the rename in a few projects, unload them, load the next few, rename, etc. Although I'm honestly not 100% sure that'll work, I've never attempted it.
Regardless of what you try, if you haven't already be sure to have your code in source control just in case. I'm sure this is doable, but maybe not via the VS command line.
No. There is no shipping msbuild target, task or tool to rename variables from the command line.
You could of course write yourself. :)
But I highly suggest using Visual Studio Code as an alternative to Visual Studio for loading large numbers of projects. It's an outstanding cross platform IDE. And who knows, perhaps someone wrote a plugin for it to rename variables...??
I have an application written in C# (without the source of course), that needs to be changed a little bit. For example, I need to stop a few lines of code that create an unnecessary menu. So I think I should comment them out.
The source code is not obfuscated. I know I can completely decompile, change, and compile again, using tools like Reflector/Reflexil. But everyone knows that by doing this, many parts of code won't compile again! Is there a way in Reflector (or any other product) that a part of could be disabled/changed without this process?
Thanks.
You might want to try dnSpy. It is a .NET assembly editor, decompiler, and debugger forked from ILSpy.
https://github.com/0xd4d/dnSpy
If you really needed to do this, you could decompile it with Reflector (or a similar product) and then use that to try to recreate a solution in .Net that will produce the same executable.
You may run into issues around:
Obfuscated code
Sections where the decompile shows you accurate code for specific sections, but for some reason it just doesn't work in your new solution (and then what do you do?)
This is not to mention the potential legal issues related to doing this. If the executable was released under a license that would permit you to do this, then you would most likely have access to the source code. So the fact that you do not have access to the source code implies that doing what you are suggesting might not be legal.
Eventually I managed to "disable" a few lines of code in the compiled exe.
I used Reflector with Reflexil plugin installed. Reflexil allowed me to edit an MSIL instruction, and then save the result back to an exe file. So, it involved learning a few MSIL instructions, especially the "no operation" command (making a line of code do nothing). To see the list of instructions and a tutorial, see here and here.
Hope it helps someone else.
for the sake of completeness:
Another possible solution is to use the ildasm http://msdn.microsoft.com/en-US/library/f7dy01k1%28v=vs.80%29.aspx
MSIL Disassembler, edit the MSIL and feed it back to ilasm.
How practical this solution is, depends on you of course
This thread may help: dotnet dll decompile and change the code
Last time When I tried with decompile the source using reflection, I got too many compilation issues with regarding to resources and other subs though the dll isn't obfuscated. So there could be things beyond just extracting the source and modifying in order to make your new dll work as the old one.
SO I would suggest to go with direct dll manipulation using any of the options mentioned in the other thread.
If you have source code on the same machine on which you are testing your exe file, and if you are making changes in your sourcecode in visual studio, then while compiling it will automatically get reflected in your exe file.
You need not do any special thing for it. And if it is not, then just make the changes in code and paste your debugg folder's new exe (with debugg folder) on another machine having all recent changes.
We recently had a developer leave our organization. We're not sure if the version of an executable he put on a production server is the same that is currently in TFS. Is there any way (besides using something like Just Compile or ILDASM) to build the project from TFS and compare that executable to the one currently on our production server?
UPDATE: I'm trying out Just Decompile, and I've loaded both binaries, so I'm stepping through each namespace, member, etc to compare them against each other. I'm used to using Schema Compare in Visual Studio to compare the schemas of 2 databases and seeing the updated, removed and added items with the differences highlighted. Isn't there some tool that would take these 2 decompiled binaries and somehow highlight the differences?
Right now I can only think of this approach:
Use dotPeek to decompile the live assembly
Use dotPeek to decompile the same assembly freshly built from TFS
Use a tool like Beyond Compare on the two decompiled sources
Merge the changes as necessary
Hope this is what you were looking for??
Other reading that may be beneficial for the future in terms of versioning so you know what dll contains what functionality (may or may not be useful for you, forgive me if I am telling you something obvious):
Best practices/guidance for maintaining assembly version numbers
Good luck
Yes using NDepend you can diff between two .Net assemblies. Although even compiling exactly the same source twice will not generate exactly the same assemblies.
A product we use for detailed comparisons, including comparisons of binary files, is Beyond Compare. When we first got the product I thought it would be something of limited utility, but it has helped us solve some very tricky problems. It compares directories, text files, binary files, mp3's, pictures, and software versions. It's not particular expensive either.
I just ran the product against the binaries of an application in both Release and Debug and it highlighted every diff.
I am sure that you could run ILDASM against two binaries and do an eyeball comparison, but a tool like this will probably pay for itself over and over again.
I am working on an assembly that handles various color transformations. When I load the assembly into a new project to test, if there happens to be an bug in the assembly, Visual Studio opens the offending code from the DLL. I can step through all of the code in the assembly.
I definitely don't want the code to be so easily visible/available. I would like the code to be somewhat "locked" in the assembly.
How can I set the DLL to simply throw some sort of error instead of opening?
Edit
I'm not interested in the code being "safe" and I have no need to obfuscate. This library is being used internally and the code itself is perfectly accessible to tohers. What I don't want is for someone using the library to find themselves suddenly debugging the assembly. If there is a problem, I prefer to have an error thrown instead of the assembly code opening in Visual Studio.
This is happening because you have VS installed on the machine, and because you are deploying the PDB files - you will not get this dialogue box if VS is not installed.
Additionally:
Do not deploy code that has been built in the Debug configuration. These contain additional information that helps with debugging.
Make sure you do not deploy the PDB files with the executables. Same as above, and they are not needed for running the code.
Both these will help, but any assembly would be easily decompiled with reflector, so you may also want to investigate obfuscators to stop other programmers from easily seeing your code.
There is a list of C# obfuscators here : http://www.csharp411.com/net-obfuscators/
What you need is to obfuscate your binaries.
Basically if you want your code to be safe and you dont want your classes are exposed to others, you should definitely need to Obfuscate your code.
To obfuscate your code you can use DotFuscator, it is included with Visual Studio installation.
check my article on it.
http://www.codeproject.com/KB/dotnet/code_security.aspx