Re: Running .Net 2.0 Application without having .Net Framework installed

Tech-Archive recommends: Speed Up your PC by fixing your registry

Huihong wrote:
You are again talking about a different thing. I said the BEST
protection against people to get back the source code from .NET
assemblies.

Let's do this: give me some .NET assembly that you think is better
protected and decrypted at runtime, I will get the source code for you.
In turn, I will give you a native compiled .NET assembly, I bet you
just won't be able to get the source code back. Is this simple?

Of course one can't get the source code back. That is impossible as soon as you compile the code without including debug information. You don't need to compile it to native code for that.

All you are talking about is to prevent some kind of license key
hacking and cracking piece of the code.

In terms of encrypt and decrypt at runtime, it's nothing to protect
.NET code, may be good for native code. You don't see that the CLR
engine needs to be feeded with IL code, no matter how fancy you do with
the encryption, by the time code is executed, it MUST be in IL code
format. I can easily dump them out at that moment. If that is what you
think the best protection, that's nonsense.

The encryption/decryption/anti-debugging/anti-tracing/memory protection
on top of native code is another layer of protection, but only after
native code is available, which is what exactly our tool does right
now. Without native code, those means don't make sense.

Of course I was not talking about encrypted managed code. That would be pointless. I am surprised that you even thought that I did.

When you are talking about compiling to native code as the BEST protection, it sounds like there is nothing more advanced that you could ever do. I merely pointed out that I have seen protection that go far beyond that.

There are so many people claim that native code is as easy decompiled
as Java/.NET, I just don't buy it. It is a totally false statement, and
very deceiving. The scale and easiness of decompilation is so much
different. Give you a 5 MB native exe, you will be overwhelmed by
disassembling, the most one can do is to crack some keys. On the other
hand, give you a 5 MB .NET assembly, one can easily dump out all source
code.

Decompiling native code doesn't differ much from decompiling IL code. The process to produce the native code is reversible in the same manner that the process to produce IL code is.


Göran Andersson wrote:
I have seen far better protection, like code that is decrypted in
realtime as it is executed. There you have something that is really hard
to reverse engineer. Native code is childs play in comparison, and
hardly the BEST.

Huihong wrote:
I guess what I meant here is not able to convert to source code using
any decompilers. Of course, you can disassemble the x86 instructions,
and follow the debugger to extract certain info, but there is no
decompiler available to turn that into source code. The original .NET
images, before native compilation, can be very easily decompiled. If
you think you have better ways than native code to defend against
reverse engineering, I would be deadly suprised. This is the BEST
protection.

Göran Andersson wrote:
Guaranteed that your code is not able to be reverse engineered.
Excuse me, but that is nonsense. If the code can be executed, it can
also be reverse engineered.

.

Relevant Pages

  • Re: Running .Net 2.0 Application without having .Net Framework installed
    ... assemblies. ... I will get the source code for you. ... may be good for native code. ... think the best protection, that's nonsense. ...
    (microsoft.public.dotnet.framework)
  • Re: huge array
    ... impossilbe due to compiler optimization etc. ... quite possilbe to get a good enough understanding from the native code to ... protection at all - which is why there are products to obfuscate native code ... full decompiling, ...
    (microsoft.public.vb.general.discussion)
  • Re: Reverse Engineering a VB exe
    ... If it's a VB4 program, you MIGHT have a chance at decompiling it to ... something resembling VB source code. ... VB5 and VB6 compile to native code. ...
    (microsoft.public.vb.general.discussion)
  • Re: Brad, hate to burst your bubble re file creation date....
    ... have the source code; and, the issue I have told all about), just ... shows you are trying to lie and mislead, ... > By now most peeps should know the doc has virtually no protection. ... > Therefore your *cough* proof t'aint wurth a chit. ...
    (sci.psychology.psychotherapy)
  • Re: GNU License Question, On Change of Code
    ... >> implications on attempts to get patent protection. ... no restrictions on distribution of the source code. ... something public if not by publishing it on the front page of the New York ...
    (comp.os.linux.development.system)