I’ve recently been looking a number of obfuscation tools for .Net and found Crypto Obfuscator to be one of the better ones. The main reasons are a simple UI and support of advanced obfuscation techniques, like encryption, anti-debug, anti-tampering, etc. - I’ll go into details below.
First a couple common questions for folks not familiar with obfuscation.
What is Obfuscation?
In a software context, obfuscation is the process of rearranging code so that it:
- Doesn’t reflect the original structure.
- Is very hard to reverse engineer, because the code has been changed in ways that are not intuitive or meaningful to humans.
Why Obfuscate?
The main reason to obfuscate is to protect (to a degree) the intellectual property of your software. If someone can see your source code they can copy it and potentially benefit or profit from your hard work, effectively taking advantage of you.
Note: obfuscation is not a 100% guaranteed lock on your source code. Any individual or organization with enough resources (time, money, expertise, etc) can make some sense of obfuscated code. However the majority of folks will just open your DLL in Reflector, see a bunch of scrambled code, and give up at that point. Think of it this way, you lock your front door when you leave the house. Sure someone determined could break a window to get into your house, but the likelihood is less. Think defense in depth, this is just one control layer - and your software should have many (more than just obfuscation).
So if you are deploying compiled code to customers and don’t necessarily want them poking around the source you should consider obfuscation. This review focuses on Crypt Obfuscator from LogicNP Software.
Example Application
Consider the following simple console program that takes in one input argument, does some secret stuff with it and returns a secret value.
Running the above program looks like this:
Now lets see what happens when someone views the application (DemoApp.exe) in Reflector.
Obviously the source is totally exposed to anyone decompiling the assembly. This is where a tool like Crypto Obfuscator comes in. It makes that decompiled code uncomprehendable.
Using Crypto Obfuscator
The first thing I noticed about this product was the easy to understand user interface. You basically just grab some DLLs you want to obfuscate, check some settings, and it does the rest. Here I added my DemoApp.exe to a new project and configured the obfuscation settings:
Now I can run the obfuscated code and see that it works exactly like the original.
However when I open this one in Reflector I get a totally different view of the decompiled source code:
As you can see classes got renamed, methods got renamed, internal logic got spread across many methods, some stuff is encrypted. Frankly I don’t know what is going on, and that’s the point.
So at this point my program is basically useless to someone trying to reverse engineer it, and that’s the value of the tool.
Advanced Features
Exclusion/Inclusion Rules
This allows you to control obfuscation behavior at a very fine grained level. For example I might want to just do something (or not do something) with my “DoSecretStuff” method:
Exception Reporting
The program has a built in a way to send errors to your service. Basically you click a button and it generates a C# project that you use to implement the error reporting service interface. The default implementation sends errors to you via Email/SMTP.
Code Signing / Authenticode Support
The tool also supports signing the new assembly that has been created. This is needed to enable the anti-tampering feature.
Licensing
There is also integration with LogicNP’s licensing technology if you use that.
Conclusion
Overall this is a super easy to use tool that does a really good job at scrambling source code. Although this blog post is about a DemoApp.exe, I’ve used this on real projects and found no issues with the generated/obfuscated code so far. The code even works on Mono. So if you are looking for an easy to use, fairly inexpensive obfuscator, you might consider Crypto Obfuscator.