Crypto Obfuscator – There are a few things that I consider rather important when developing an application for resale. Two of those are licensing and protecting your source code.
If you had to sell an application, would you be confident enough that the source could not be reverse engineered? There are free tools that can be downloaded that are very good at doing just that.
One of the ways to protect your code is through obfuscation. There are various tools that you can use. You can even use the community edition of Dotfuscator that comes with Visual Studio to protect your code. This however is basic obfuscation.
Crypto Obfuscator – Unobfuscated Decompile Test
If you are looking for something that offers more than the basic obfuscation, check out Crypto Obfuscator For .Net by LogicNP Software. I had the chance to give it a whirl, and I was impressed with the level of obfuscation it provided. To test it, I created a basic application that read the major towns in South Africa from a Web Service (I used WebserviceX.NET that serves 6,000,000+ web services transactions every day).
I then passed the selected town to the GetWeather operation for the Web Service that returned a simple weather forecast.
As you can see, it’s a bit cool this evening.
The application isn’t complex at all. It consists of a Web Service reference, a class called Forecast and a Windows Form to display the results.
Using JustDecompile from Telerik I decompiled the executable created by the application output. As you can see, the Forecast DLL and form are clearly visible in the decompiled code.
This is the code displayed to us in JustDecompile. As you can see it is very easy to understand what is going on in the form load event.
Here is some more code, this time from the class called Forecast. All this code was gleaned from using Telerik’s JustDecompile tool.
Crypto Obfuscator – Obfuscated Decompile Test
Let’s run our assembly through Crypto Obfuscator. Start the tool and click on the ‘Add Assemblies’ button.
Crypto Obfuscator is really very straightforward and easy to use.
As you can see, there are quite a few settings across multiple tabs that you can configure.
Having a look at just the Advanced Protections of the obfuscation settings, you will see the different options available to you. These are:
- Encrypt Strings
- Encrypt Constant Values/Arrays
- Encrypt Method Bodies (IL Code)
- Protect Against ILDASM
- Enable Anti-Debug + Anti-Tracing Protection
- Enable Tamper Detection
Go ahead and configure your obfuscation settings, and then click on the Obfuscate button.
When the obfuscation is complete, an output folder will be created for you with the obfuscated exe. In the screenshot above, the exe displayed is the un-obfuscated exe.
Having a look at the obfuscated exe you will notice that the exe has increased in size, but this is natural as obfuscation does add extra ‘code’. Let’s go ahead and look at the obfuscated exe using Telerik’s excellent JustDecompile tool.
Having a look at the output, we can see that it looks quite a bit different.
Something that resembles Form Load is obfuscated and does not make sense at all. I could also not even find the Forecast class I created. Even for me (who knew the layout of the code) couldn’t string any code together or infer what the code is doing from looking at the obfuscated output. The chances are that anyone else who looks at your code will not get very far.
Conclusion
You can obfuscate assemblies, XBAP and WSP projects, VSTO projects, ClickOnce apps, Silverlight projects, WPF projects, SQL CLR assemblies, Mono assemblies, ASP.Net projects, WinRT assemblies, Unity 3D assemblies and Controls, Components and Libraries. Another great feature is that you can integrate obfuscation into your Visual Studio projects. After integration, assemblies are automatically obfuscated when you build your Visual Studio project.
As you can see, the obfuscated code is very secure. Crypto Obfuscator is a great and affordable product for any developer or company wanting to secure their IP. Download A Free Trial Of Crypto Obfuscator For .Net today, and see what the application can do to secure your code.