What is Obfuscation?

advertisement
Obfuscation
in .NET
Atchyutuni Shilpa
CS-795
What is Obfuscation?

Dictionary Meaning:
To confuse, to make obscure a problem with
extraneous information, to darken.
-www.dictionary.com

Obfuscation in .Net:
- Technology of shrouding the facts.
-Technology that makes .NET assemblies more
difficult to decompiles and impedes reverse
engineering efforts.
.NET Software Development
Lifecycle
2
1
4
Design
Develop
and Build
Deploy
Test
3
Protect
Why Obfuscation?

.NET Programs compiled in MSIL, which is at a
higher level than binary machine code.

So .NET Programs are easy to reverse engineer
using decompilation.

The .NET framework ships with a tool (ILDASM)
that can disassemble MSIL.

Anyone can peruse the details of the software.
Why Obfuscation ctd….
Obfuscation reduces the size of an
executable.
 Obfuscation improves the application
performance at runtime.
 It protects the intellectual property.

Dotfuscator




Acts obfuscator, pruner, linker, and watermarker
for .NET applications.
Obfuscation is applied to MSIL and not source
code.
Obfuscated code is functionally equivalent to
traditional MSIL.
It executes on CLR with similar results.
Dotfuscator features
1.
Renaming :
-
Uses a patented Overload-Induction
renaming system.
-
Renames as many methods as possible to
a same name.
-
Saves space as short names used for
renaming.
Renaming Example
Original Source Code Before Obfuscation
private void CalcPayroll(SpecialList employeeGroup)
{ while (employeeGroup.HasMore())
{ employee = employeeGroup.GetNext(true);
employee.UpdateSalary();
DistributeCheck(employee);
}
}
Reverse-Engineered Source Code After Overload
Induction Dotfuscation
private void a(a b)
{ while (b.a())
{ a = b.a(true);
a.a(); a(a);
}
}
Dotfuscator Features ctd…
2. String Encryption:
Strings in sensitive part of the code are
encrypted.
3. Control Flow Obfuscation:
- Introduces false conditions and misleading
constructs in decompiled code.
4. Pruning:
-
Determines unused types, methods and fields.
Helps reduce size of the assembly.
5. Assembly Linking:
- Links multiple assemblies into one or more
output assemblies.
6. Watermarking:
- Used to Embed data (copyright
info/unique nos.) into applications, making
them unique.
Demonstration
Drawbacks
Maintaining and Troubleshooting becomes
difficult.
 Can break code that depends on
reflection, serialization or remoting.
 Hampers the debugging process, as
obfuscation alters MSIL.

Conclusion
Obfuscation is not 100 percent protection.
 If a hacker is perseverant enough, they
can find the meaning of your code.
 The goal of obfuscation is to make the
reverse engineering process extremely
time consuming and painful so that it not
worth the effort.

References
Professional Visual Studio 2005 – Andrew
Parsons and Nick Randolph.
 http://aspnet.4guysfromrolla.com
 http://www.preemptive.com
 http://msdn2.microsoft.com/enus/library/ms227295(VS.80).aspx

THANK YOU !!
Download