Page 2 - Review: Eschew Obfuscation? Maybe You Shouldn't.

Review: Eschew Obfuscation? Maybe You Shouldn't. - ' How It Works '
( Page 2 of 4 )

How It Works

To hide your code, the .NET obfuscation tool reads the IL and transforms it in a way that makes it very difficult, if not impossible, to disassemble and decompile. To demonstrate, I will use a simple, canonical “Hello, World!” application to show how easy it is to decompile before obfuscation and how difficult it can be to decipher after obfuscation.

Listing 1: Hello, World source code in C#.

using System;

namespace HelloWorldObfuscated
{
  public class MainClass
  {
    [STAThread()]
    public static void Main()
    {
      Console.WriteLine("Hello, World!");
      Console.ReadLine();
    }
  }
}

The code in Listing 1 prints "Hello, World!" to the console and waits for the Enter key to be pressed. Figure 1 shows how easily ILDASM can disassemble the .EXE file generated by .NET.

Figure 1: Decompiled executable using Microsoft's provided tool.

If you have ever programmed in assembly language, the code in Figure 1 is immediately recognizable as a string constant and two method calls. With a just a bit of intuition, an average programmer can learn to read and write MSIL.

While this is an intentionally simple example, don't be lulled into complacency; ILDASM, Anakrino, and Reflector can decompile IL at any level of complexity. Figure 2 shows Reflector's view of the same executable. (You can download Anakrino to see another implementation of a decompiler and disassembler.)

Figure 2: With Reflector, source code is generated from the IL.

No skill is needed to recreate the source code. Reflector does it for you.

Using the (Built-In) Community Edition

With the community edition of Dotfuscator—the one built in—we can obfuscate our assembly. The Dotfuscator Community Edition is accessible from the .NET Tools menu.

Figure 3 shows the Hello World IL, disassembled with ILDASM, after I obfuscated it using the Community Edition. The same IL is visible; just the namespaces are changed (as illustrated by the comment at the end of the MSIL listing in Figure 3).

Figure 3: ILDASM's view after obfuscation.

Listing 4 shows Reflector's view of the Community Edition's obfuscation. There is little discernible difference between the pre- and post-obfuscated versions as far as Reflector is concerned.

Figure 4: Reflector easily decompiles the community edition's obfuscated code.

Clearly, if you're serious about obfuscation, you'll want more features. Several of them are available in the Standard and Professional editions.

Next: ' Moving Up To Pro ' >>

	Discuss Review: Eschew Obfuscation? Maybe You Shouldn't.

	>>> Be the FIRST to comment on this article!



	>>> More Add Ons Articles >>> More By Paul Kimmel


Contact us \| Advertise \| Site Map
	Ziff Davis Enterprise Home \| Contact Us \| Advertise \| Link to Us \| Reprints \| Magazine Subscriptions \| Newsletters Tech RSS Feeds \| White Papers \| ROI Calculators \| Tech Podcasts \| Tech Video \| VARs \| System Builder
	Baseline \| Careers \| Channel Insider \| CIO Insight \| DesktopLinux \| DeviceForge \| DevSource \| eSeminars \| eWEEK \| Enterprise Network Security \| LinuxDevices \| Linux Watch \| Microsoft Watch \| Mid-market \| Networking \| PDF Zone \| Publish \| Security IT Hub \| Strategic Partner \| Web Buyer's Guide \| Windows for Devices
	Developer Shed \| Dev Shed \| ASP Free \| Dev Articles \| Dev Hardware \| SEO Chat \| Tutorialized \| Scripts \| Code Walkers \| Web Hosters \| Dev Mechanic \| Dev Archives \| igrep Use of this site is governed by our Terms of Use and Privacy Policy
	Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. DevSource is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. Microsoft is a registered trademark of The Microsoft Corporation.