Results 1 to 14 of 14

Thread: How are you protecting your .net applications?

  1. #1

    Thread Starter
    Member
    Join Date
    Dec 2004
    Posts
    37

    How are you protecting your .net applications?

    What are you doing to thward hackers and competitors from reverse engineering your products?

    I have not seen this topic discussed on this forum.

  2. #2
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709

    Re: How are you protecting your .net applications?

    .NET has a utility called Dotfucator. It helps prevent reverse engineering of your program.

    HTH
    Attached Images Attached Images  
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  3. #3
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: How are you protecting your .net applications?

    I'd think of protecting it if it were a commercial application/product.

  4. #4
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709

    Re: How are you protecting your .net applications?

    Quote Originally Posted by mendhak
    I'd think of protecting it if it were a commercial application/product.
    With Dotfuscator or something else?
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  5. #5
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: How are you protecting your .net applications?

    Dotfuscator, yes. And there are some (ironically) commercial solutions to protect your applications out there.

    But from what I know of Reflection, if someone is really really determined, your .NET isn't completely safe. One way I've heard of is to actually write the most "important" part of the code in C++, compile as a DLL, and use Interop to use it in your .net app! I don't like that approach, but hey, to each his own right?

    Microsoft has a list of tools here for protecting apps, and it seems to be Obfuscators all the way. Their algos might vary, I suppose.

  6. #6
    Addicted Member Codehammer's Avatar
    Join Date
    Aug 2004
    Posts
    164

    Re: How are you protecting your .net applications?

    Hows that Thing Work, It Seems to Search for xml or Some type of file eXTENSION? I Thought You could Just Find the .exe and come back after Coffee and Surprize!
    Curiosity SKILLED the cat
    Google Talk from your Mobile phone

    Chat from your mobile or get an emulator like J2ME Wireless Toolkit 2.2

  7. #7
    Your Ad Here! Edneeis's Avatar
    Join Date
    Feb 2000
    Location
    Moreno Valley, CA (SoCal)
    Posts
    7,339

    Re: How are you protecting your .net applications?

    As a side note Obfuscation can jack some reflections situations. I don't mean someone else trying to reflect or reverse your code I mean your code using reflection to evaluate things at runtime. Since the Obfuscation changes the type names and types and things of that nature then I wouldn't recommend any heavy reflection in the code it seems to get confused.

  8. #8
    type Woss is new Grumpy; wossname's Avatar
    Join Date
    Aug 2002
    Location
    #!/bin/bash
    Posts
    5,682

    Re: How are you protecting your .net applications?

    Dotfuscator is crap. In addition to Edneeis' comments, it can also bugger up binary serialisation and backwards compatibility with stuff.

    "Removing unused fields" is not a good option to go for.
    I don't live here any more.

  9. #9
    PowerPoster
    Join Date
    Jul 2002
    Location
    Dublin, Ireland
    Posts
    2,148

    Re: How are you protecting your .net applications?

    First you need a license agreement that makes it clear that reverse engineering is not permitted. That way anyone doing so knows that they are breaking the rules.

    Next look at obfiscation of the code that handles licensing and and really clever proprietry algorithms but don't bother obfiscating the whole application.

  10. #10
    I'm about to be a PowerPoster! mendhak's Avatar
    Join Date
    Feb 2002
    Location
    Ulaan Baator GooGoo: Frog
    Posts
    38,170

    Re: How are you protecting your .net applications?

    A few more links I've come across while googling:

    www.uspto.gov

    http://www.c-sharpcorner.com/Security/ProtectILCode.asp

    - Anti Cracking FAQ How to make cracking your programs a little
    harder
    ( http://www.inner-smile.com/nocrack.phtml )

    - Defending Shareware Against Cracks by Adam Smith
    ( http://www.senseofsecurity.com/sharenc.asp )

    - Protect your programs from piracy
    ( http://webdon.com/vitas/antihack.asp )

    - How To Protect Better
    ( http://www.searchlores.org/protec/protec.htm )

  11. #11

    Thread Starter
    Member
    Join Date
    Dec 2004
    Posts
    37

    Re: How are you protecting your .net applications?

    Obfuscation is a very weak way of protection your .net application imho. Even though the names are now scewed the source is still visible with a IL Object browser.. Sure some may throw in some goofy code to throw off people but you can still pull the code right out of your .net exe's..

    Anyone do any research on thinstall or remotesoft?

    www.thinstall.com
    www.remotesoft.com

  12. #12
    Your Ad Here! Edneeis's Avatar
    Join Date
    Feb 2000
    Location
    Moreno Valley, CA (SoCal)
    Posts
    7,339

    Re: How are you protecting your .net applications?

    I would suggest reverse engineering an application and see how easy or hard it is. Then obfuscate it and try again and see if that is more effort than you think someone else will put into it. Then think of what it would be like for a larger application.

    There really isn't much if anything that will fully protect you, so you are basically just trying to make it harder to do.

  13. #13

    Thread Starter
    Member
    Join Date
    Dec 2004
    Posts
    37

    Re: How are you protecting your .net applications?

    Obfuscators claim more protection than they can delivery..

    for one, string encryption.. Sure you can't read the strings directly with your .net Object Browser but you can view the string decription function so all you have to do is pass the encrypted strings through this function and poof, there goes your "string encryption".

    I believe obfuscation will only thwart those that do not know how to reverse engineer applications. It can be confusing to look at but you still have all functions in plain sight. Hard to protect algorithms when competitors can simply pull them out of your exe.

  14. #14
    Fanatic Member
    Join Date
    Oct 2003
    Posts
    1,005

    Re: How are you protecting your .net applications?

    I know, old post...

    So, how do we protect our apps?
    What was MicroSoft thinking??

    Them boneheads....

    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width