Sign in to follow this  
thannett

Unity [.net] Making .Net Decompilation Harder

Recommended Posts

I've been working on an application in C++ .Net for a couple of months now, and I'm thinking about possibly selling it. So I was looking around at ways to secure .Net applications when I found Reflector. According to the website, Reflector does the following: "Reflector is the class browser, code explorer, code analyzer and documentation viewer for .NET. Reflector allows to easily view, navigate, search, decompile and analyze .NET assemblies in C#, Visual Basic, C++, IL assembly, Delphi and Chrome." So I ran it on my application, and pretty soon it was giving me the sourcecode to my application. Since then I've been trying to find ways to thwart the decompiler, there are several different solutions that I have come acrossed, but they are all fairly pricy. I've got Dotfuscator Community Edition, but most of it's features are turned off, and I don't know if it will offer much protection. So I was wondering if you guys knew any free solutions? Thx.

Share this post


Link to post
Share on other sites
In .NET, go to your project properties. Start with release mode. Turn on all the optimization settings you can. Turn off all the debug settings you can. I think the key one is omit frame pointers. I've heard that helps. Once you tweak all the settings, do a clean rebuild and try to decompile that.

Hope it helps.

Share this post


Link to post
Share on other sites
Quote:
Original post by thannett
Since then I've been trying to find ways to thwart the decompiler, there are several different solutions that I have come acrossed, but they are all fairly pricy. I've got Dotfuscator Community Edition, but most of it's features are turned off, and I don't know if it will offer much protection.

If you're not willing to fork out any money to protect your code, then what are you trying to protect against?

It may be depressing but the sad fact is this: your code[1] is worthless to other people. It needs assets, build processes, build tools, etc. etc. to be actually usable - and even then it's still not worth much, most code is filler, boiler plate stuff which is heavily tied to the way you've done things.

IMHO the only real reason you'd care was if you genuinely had some new/revolutionary/unique algorithms that you don't want someone else to see. And if you've got that then forking out some money for proper obscurification tools shouldn't be a problem.

[1] By which I mean your code, my code and pretty much all code out there.

Share this post


Link to post
Share on other sites
That's true... I would fork out some money, but the sad fact is that I don't have any to fork out. I'd like to have some kind of protection, because I'd like to try to sell this application, so it'd be nice if people couldn't look at my code and remove any copy protection that I put in. I guess your right, nobody is really going to care that much about decompiling my app, it just bothers me that people can pop open my app and see the source like that. Thx.

Share this post


Link to post
Share on other sites
Unavoidable, really. When you get down to it the Framework has to be able to read your application so no matter how much you obfuscate it, it must remain readable to the Framework. shrug. C++ is decompilable as well - however, it didn't retain all the metadata which provides for the clean C# decompilations. (That same metadata is required for .Net to analyze and work with your assemblies.)

No matter what you do - application or game - it'll be pirated and stolen. There's still a great number of people in the world who are honest and will pay you for your efforts, if they find them worthwhile.

Share this post


Link to post
Share on other sites
Your best defence is to sign your assemblies. This does not encrypt them, however it means that if someone were to crack one, they would have to crack all of them, as any modifications to a single assembly would prevent the others from running.
This is most advantageous with web apps that download new content (and code potentially) at runtime. If you wanted to get tricky, you could send a serialised object over the web, get the server to check the public key, and then send a modified object back which is used by the app. To make it more tricky, you can do funky things like put a stack walk in the static constructor of the serialised type, to make sure the correct app is initalising it.

But at the end of the day, the harder you make it, the more challenge it will be to crack, and the bigger challenge the more fun the cracker will find it. You can end up encouraging piracy.

Just as long as you are carful with your users private details then you are ok. Ie salting passwords, etc (in the case of an internet aware app).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

  • Partner Spotlight

  • Forum Statistics

    • Total Topics
      627662
    • Total Posts
      2978519
  • Similar Content

    • By Jcyshadow97
      Hi,guys.I m working on a Fantasy RPG.Currently i m work alone on the project.I really need someone can make UI stuff.If someone can handle it please feel free to contact me on email: 270514974@libero.it.
      Thank you guys and sorry for my english.
       
       



    • By STRATUM the Game
      Hey, everyone! This is my first post here.
      I would like to know what you think about my project called STRATUM. It's a 2D platformer that is heavily based on storytelling and boss fighting while trekking through the world.

      Everything in STRATUM takes place in the first century AD, in a world that wraps our own universe, called  The Stratum. A parallel Universe that is the home of the Christian deities . In this game you will play as a Dacian warrior, unfamiliar with everything in this world, you’ll get to know and understand The Stratum together with him.
      The main thing that I want with STRATUM is to reinvent the known lore and history of the Christian deities and realms. 
      The story is unconventional, it plays down a lot of the mysticism of Hell or Heaven and it gives it a more rational view while keeping the fantastic in it. What do I mean by that? Well, think about Hell. What do you know about it? It's a bad place where bad people go, right? Well, that's not the case in STRATUM. I don't want to describe such a world. In STRATUM, there is a reason for everything, especially for the way Hell is what it is in the game. "Hell" is called The Black Stratum in the game.
      This world is not very different from Earth, but it is governed by different natural laws.
      The story will also involve the reason why this world entered in touch with ours.

       
      What do you think about all that I said? Would you be interested in such a game? I have to say that everything is just a work of fiction made with my imagination. I do not want to offend anyone's beliefs.
      I want this to be a one man game. I have been working alone on it (this was my decision from the beginning) from art to effects to programming to music to sound effects to everything.
      I also have a youtube video HERE if you want to see the way the game moves and the way my music sounds.
      Please, any kind of feedback will be highly appreciated. If you have something bad to say, do it, don't keep it for yourself only. I want to hear anything that you don't like about my project.
       
    • By LimeJuice
      Hi, it's my first post on this forum and I would like to share the game I am working on at the moment.
      Graphics have been made with Blender3D using Cycle as a renderer and I am using Unity3D. It's a 2D game, one touch side-scrolling game for iOS and Android.
      Here some pictures, and you can have a look to the gameplay on this video :
      Feedbacks ?
      And if you want to try it, send me your email and I will add you to the beta tester list!
       
       








    • By Kirill Kot
      An adventure indie game with quests in a beautiful, bright world. Characters with unique traits, goals, and benefits. Active gameplay will appeal to players found of interactivity, especially lovers of quests and investigations.
      Available on:
      Gameroom (just open the web page and relax)
      AppStore
      GooglePlay
      WindowsPhone

    • By Kirill Kot
      Big Quest: Bequest. An adventure indie game with quests in a beautiful, bright world. Characters with unique traits, goals, and benefits.
      Mobile game, now available on Gameroom. Just open the web page and relax.
  • Popular Now