Solved

Obfuscation in .NET

Posted on 2004-08-11
11
505 Views
Last Modified: 2011-02-25
How effective is Obfuscation?  How much are better are professional obfuscators than free ones?  How long would it take a hacker to decompile and understand obfuscated code?

Oh, and something completely off topic (sorry)... if I have unlimited points to spare is it wrong to make all my questions worth 500 pts?
0
Comment
Question by:davidastle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 37

Assisted Solution

by:gregoryyoung
gregoryyoung earned 400 total points
ID: 11775245
not really, its up to you ...

as for obfusication, it will make it more difficult for someone to lookat ..

example

public class foo() {
    public void bar() { ReadSerialPort(); }
}

would decompile as
public class 46asdf12331 {
    public void 12d() { 3912mds2(); }
}

now I am sure you can imagine how fun your stack traces will be when you get them :) ...

luckily this is one of the features thats covered in the payed versions ... http://preemptive.com/products/dotfuscator/Editions.html :)
0
 
LVL 2

Author Comment

by:davidastle
ID: 11777328
Yeah i read through everything on the dotfuscator website, as well as all of its competitors.  I have a reasonable idea of what it does (no idea of how i would write code to make an obfuscator).  But what i want to know is how effective it is; how much time would it take a hacker to understand?
For example, as is, the code sample you showed would be impossible to discern since the code for ReadSerialPort is not shown.  But i assume that you can look at the read the obfuscated serial port code... could a hacker familiar with serial port code recognize that the function call reads a serial port?  How hard would this be?
0
 
LVL 2

Author Comment

by:davidastle
ID: 11777337
Raising point value!
0
Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

 
LVL 8

Assisted Solution

by:gregasm
gregasm earned 40 total points
ID: 11778552
The point is: everything is possible, but would one even want to invest the time to understand the obfuscated code?

If the government had a good reason to suspect that your obfuscated code was hiding the whearabouts of Osama Bin Laden, then I am sure it would be de-obfuscated in time and with enough talent. Otherwise, it is good as safe.
0
 
LVL 2

Author Comment

by:davidastle
ID: 11778814
Well lets say that someone made Doom 4 (skipping some versions of doom) in C# and obfuscated it with a free obfuscation program.  Now this doom version is so advanced that learning the source code is $$$.  So a new company wants to make Quake 4 (for some reason that have no affiliation with the doom company).  Would it be easier for them to reverse engineer the obfuscated code and change enough things to not get sued and then call it Quake 4 or would it be easier for them to write Quake from scratch?
Now, that same company that made Doom 4 decides to make Doom 5.  For some strange reason, the quake company wants to make Quake 5!  This time, the doom company obfuscates the code with a $1500 program (dotfuscator).  Now would it be worth it for the quake company to reverse engineer the doom company's code?
0
 
LVL 37

Accepted Solution

by:
gregoryyoung earned 400 total points
ID: 11779185
it would nearly be the equivalent of disassembling x86 code ...
0
 
LVL 2

Author Comment

by:davidastle
ID: 11779832
So noone on earth knows how long it would take?
0
 
LVL 96

Assisted Solution

by:Bob Learned
Bob Learned earned 60 total points
ID: 11794166
There are times when obfuscation can cause problems, but, unless you are using Reflection or some other fancy technology, then I don't think that you have anything to worry about.

It's like car theft--you can protect your vehicle with as much gadgets as you can, but if somebody really wants in bad enough, they'll find a way.

Bob
0
 
LVL 37

Assisted Solution

by:gregoryyoung
gregoryyoung earned 400 total points
ID: 11794384
one really needs to ask the question of how valuable is your information ? reverse engineering code is generally a difficult task, especially if you have a large application. Getting the source code to an app and understanding that source code are two very different things (especially when you consider that all your method names will be mangled so the person would actually have to look at the code to figure out what every method did. It is a possibility that this could be done, but then again it is possible that someone could just ngen your code to native code and use a classical disassembler to get into your code. There is always a level that a persistant person can pass. Look at SSL, with local access to the machine you could feasably find the private key in memory.
0
 
LVL 37

Assisted Solution

by:gregoryyoung
gregoryyoung earned 400 total points
ID: 11794462
Also in your doom example there is another level of security there ... Generally speaking not all of your code is sent out in a release. In the example of doom, you would have your level editors etc that they would need to rewrite. They would also then have to do a full new set of data (which is actually the majority of the work).
0
 
LVL 2

Author Comment

by:davidastle
ID: 11794503
Well, this thread was fun.  
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Where does legacy ASP.NET initialize language? 2 100
Why use this lambda? 12 95
Visual C# Windows Project - Clone Form 4 39
Removing Version of .NET in Windows 10 17 119
It seems a simple enough task, yet I see repeated questions asking how to do it: how to pass data between two forms. In this article, I will show you the different mechanisms available for you to do just that. This article is directed towards the .N…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question