Re: Code protection

From: "Ignacio Machin \( .NET/ C# MVP \)" <ignacio.machin AT dot.state.fl.us>
Date: Wed, 6 Apr 2005 15:00:32 -0400

Hi,

Did you try to obfuscate it first?

I would suggest you to use the tools accesible to the framework. In your
solution you encrypt the dll, meaning that the file in the HDD is not longer
a DLL, it's a data file. hence the framework cannot do nothing with it, you
cannot register it in the GAC, not using versionsing.

I would give a try to obfuscation first. Take a look at the community
version shipped with .NET

cheers,

--
Ignacio Machin,
ignacio.machin AT dot.state.fl.us
Florida Department Of Transportation

"Boni" <oilia@nospam> wrote in message
news:OSuiEWtOFHA.576@xxxxxxxxxxxxxxxxxxxxxxx
> Dear all,
>
> in order to protect my assembly component from decompilation I implemented
> following schema:
>
> I created mixed mode C++ project wich has managed cProxy class and
> unmanaged cMemLoader. In the cMemLoader I load encrypted assembly, decrypt
> it into memory buffer and then marshal this buffer into managed memory and
> load the assembly from memory.
>
> Although I am not sure if this approach is good enough and how easy is it
> to break.
>
> Can anybody comment on this? Improvements are welcome too.
>
> Thanks in advance,
>
> Boni
>
>
>
> void cProxy::Load(void){
>
> m_pLoader=new cMemLoader(C:\\edit\\MyEncriptedManaged.dll
>
> m_pLoader->DecriptLoad();
>
>
> unsigned char _pManagedBuff __gc[]=__gc new unsigned char __gc
> [m_pLoader->m_file_size] ;
>
> Marshal::Copy(m_pLoader->m_pBuff,_pManagedBuff,0,m_pLoader->m_file_size);
>
> delete m_pLoader;
>
> m_Asm= Assembly::Load(_pManagedBuff);
>
> System::Type *_Types __gc[]= m_Asm->GetTypes();
>
> Object *_Instance = 0;
>
> MethodInfo *_Methods __gc[]= _Types[0]->GetMethods();
>
> _Instance = System::Activator::CreateInstance(_Types[0]);
>
> _Methods[0]->Invoke(_Instance,0);
>
> }
>
>
>
>

.

Follow-Ups:
- Re: Code protection
  - From: Boni

References:
- Code protection
  - From: Boni

Prev by Date: Re: closing and disposing
Next by Date: Re: closing and disposing
Previous by thread: Code protection
Next by thread: Re: Code protection
Index(es):
- Date
- Thread

Relevant Pages

Re: if I encrypt key data why do I want or need SSL?
... I could encrypt the ... name DLL responsible for all security aspects, ... Its trivial to decompile ANY .net ... For someone to send your web service they have to know the key? ...
(microsoft.public.dotnet.security)
Re: Framework version issues
... Then as you compiled the dll, ... was compiled with the v1.1 of the Framework. ... would be the case with compiling with either 2002 or 2003 versions of VS.NET ... If you don't have a test server, ...
(microsoft.public.dotnet.languages.csharp)
Re: Obfuscating web apps
... ..Net Developer ... I've developed a web app that may be distributed to a few companies, ... App_Code dll for about 15 or so classes, and then several dozen for the ... So, to obfuscate my business logic, I ...
(microsoft.public.dotnet.framework.aspnet)
Re: VS wont allow sharing CF and desktop projects with each others solutions
... You can add a reference to a Compact Framework compiled dll to a desktop ... > project which I specified would target the CF, ...
(microsoft.public.dotnet.framework.compactframework)
Re: Urgent: Securing a .net 1.1 application
... code will only load if the public key is the same, ... You could encrypt some functionality into a dll and load it at ...
(microsoft.public.dotnet.security)