15,684,400 members 701 psicosix

articles quick answers discussions features community help Search for articles, questions, tips

Articles / Programming Languages / MSIL

Watch  

Protect Your Source Code from Decompiling or Reverse

Engineering .NET Assemblies
Arun Endapally Rate me: 4.92/5 (53 votes)

6 Nov 2016 Ms-PL 3 min read

How to protect your source code from decompiling or reverse engineering

Many developers are still not aware that Portable Executable (PE) files can be decompiled to readable source code. Before learning how to
prevent or make it hard for the decompilers to reverse engineer the source code, we need to understand a few basic concepts.

What is a Portable Executable file?

When source code is complied, it generates a Portable Executable (PE) file. Portable Executable (PE) is either a DLL or an EXE. PE file contains MSIL
(Microsoft Intermediate Language) and Metadata. MSIL is ultimately converted by CLR into the native code which a processor can understand.
Metadata contains assembly information like Assembly Name, Version, Culture and Public Key.
How Can We Get Source Code from DLL or EXE?

Yes, we can get the source code from DLL or EXE. To demonstrate this, let's create a simple application first.

Open Visual Studio, create a new project and select console based application.

Add some sample code into the Program.cs:

C# Shrink ▲  

using System;

namespace MyConsoleApp
{
internal class Program
{
private static void Main(string[] args)
{
Console.WriteLine(PublicMethod());
Console.WriteLine(PrivateMethod());
}

public static string PublicMethod()

{
// Your source code here
return "Public Method";
}

private static string PrivateMethod()

{
// Your source code here
return "Private Method";
}
}
}

Now build the application, an EXE will be generated in the bin/debug folder:

Now let's try to get the source code from the EXE file. For the first, open Visual Studio command prompt.
Type ildasm and hit enter. ILDASM is MSIL Disassembler. It basically has an ability to read Intermediate Language.

ILDASM will open, now open the EXE file we created.

As we can see, ILDASM disassembles the EXE and lots of useful information can be retrieved, though it does not provide the original source code
completely, a lot can be interpreted. The easy way to reverse engineer and get the exact source code is that there are decompliers available in the
market for free such as Telerik JustDecompile and Jet Brains dotPeek which can convert the Intermediate Language into the original source code.
As we can see in the above screenshot when we open the EXE with Telerik JustDecompile, we are able to see the original source code. This can
lead to piracy and ultimately you can lose your profits.

How to Prevent EXE and DLL from Getting Decompiled?

The process of protecting the EXE and DLL from getting decompiled into the original source code is called Obfuscation. There are a lot of paid
and free software available to Obfuscate the .NET assemblies, Dotfucator from PreEmptive Solutions is one of the popular ones and their
community edition is free and included with Visual Studio. If you are interested in buying other versions, check out this comparison. The
Dofuscator community edition has limited features and the professional edition is very expensive. So instead of gaining profits by protecting
them from reverse engineering, we will end up spending a lot on Obfuscation.

One of the best alternate utilities for obfuscating is ConfuserEx. It is completely free and opensource. You can download ConfuserEx from here.
After downloading, extract the zip into a folder and then run ConfuserEx.exe.

Drag and drop the EXE you want to protect on the ConfuserEx or you can manually select Base Directory, Output Directory and add the DLL or
EXE.
Once you are done setting up the directories and adding DLL or EXE, go to the Settings tab in ConfuserEx. You can either add rules to Gobal
settings or set individually for each DLL or EXE.
Click on “+” button, you will see “true” under Rules. Now click on edit rule (button below “-”).
On clicking edit rule, a new window will appear as shown below. Click on “+” button.
You can select different ways to add levels of protection. If you want to learn Obfuscation in depth, check out this article.
Select only with “Anti IL Dasm” and “Anti Tamper”, that is enough for making it hard enough to reverse engineer for the decompilers.
After you click on Done, go to Protect tab and click on Protect button.
You can find the protected DLL or EXE in the output directory selected.
Test the EXE or DLL generated by ConfusedEx and check if it is working as usual. Now try to decompile it with a decompiler.

As we can see, the confused DLL or EXE which gets generated by ConfuserEx cannot be decompiled any more.
This article was originally posted at http://www.arunendapally.com/post/protect-your-source-code-from-decompiling-or-reverse-engineering

License
This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Written By

Arun Endapally
Architect Thomson Reuters
 India

This member has not yet provided a Biography. Assume it's interesting and varied, and probably something to do with programming.

Watch

Comments and Discussions

 

Add a Comment or Question    Email Alerts Search Comments

Spacing Relaxed   Layout Normal   Per page 25     Update

First Prev Next

Virus bir yaz 27-May-21 23:00 

Re: Virus Arun Endapally 10-Jun-21 2:28 

My vote of 5 Tech Code Freak 4-Apr-21 8:05 

not working for me showing error neeraj_ 24-Feb-21 1:21 

Message Closed neeraj_ 24-Feb-21 0:59 

what about new .net core publish options; dotPaek not able to decompile don't check other maxoptimus 3-Oct-20 13:43 
simple options

Support Member 14925648 2-Sep-20 17:36 

This is a dangerous Virus! don't use ConfuserEx.exe Ahmed Risa 27-Aug-20 0:24 

dotPeek can still decompile the exe rehmaknatiq 18-Jun-20 7:30 

Re: dotPeek can still decompile the exe khaliljkazi@gmail.com 15-Jul-20 22:57 

Re: dotPeek can still decompile the exe Member 14784812 31-Jul-20 11:35 

Re: dotPeek can still decompile the exe vishal_h 22-Sep-20 7:06 

Thank you! Anderson A D Nunes 1-May-20 1:47 

My vote of 5 Jared Drake 18-Feb-20 7:55 

Perfect article! Jared Drake 18-Feb-20 8:18 

My vote of 5 whitesoul01 10-Oct-19 10:53 

Thanks AliBayat.2008 24-Aug-19 23:03 

Not worked with WPF application Shailesh vora 31-Jul-19 1:48 

protect in memory after obfuscation gianmarcocastagna_ 22-Mar-18 10:05 

ConfuserX - Unpacker Soran Sobhani Rad 21-Feb-18 2:53 

Protect compact framework EXE File Member 2124356 8-May-17 1:43 

Re: Protect compact framework EXE File Arun Endapally 30-May-17 13:24 

My vote of 5 Аslam Iqbal 6-Nov-16 22:59 

Change the title to reflect you are talking about .Net assemblies only the Kris 5-Nov-16 5:26 
 Re: Change the title to reflect you are talking about .Net assemblies only Arun Endapally 6-Nov-16 1:35 

Last Visit: 27-Jun-23 18:36     Last Update: 27-Jun-23 19:36 Refresh 1 2 Next ᐅ

General    News    Suggestion    Question    Bug    Answer    Joke    Praise    Rant    Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink Layout: fixed | fluid Article Copyright 2016 by Arun Endapally

Advertise Everything else Copyright © CodeProject, 1999-2023
Privacy
Cookies Web01 2.8:2023-05-13:1
Terms of Use