What is the best option to obfuscate?

Whether to obfuscate depends on what your goal is and also how your program is coded. I've heard of people having problems using obfuscators where their applications make heavy use of reflection.

There are some good SO threads out there about this topic:

Code:
Should you obfuscate a commercial .Net application?
http://stackoverflow.com/questions/71195/should-you-obfuscate-a-commercial-net-application

(Why) should I use obfuscation?
http://stackoverflow.com/questions/31882/why-should-i-use-obfuscation

Should I be worried about obfuscating my .NET code?
http://stackoverflow.com/questions/12075/should-i-be-worried-about-obfuscating-my-net-code

IMHO, if you're really concerned about protecting your code, a web application (hosted on a server that you own and control) is the way to go. Or, if you must have a Windows Forms app, you could make part of its functionality dependent upon server-side code (i.e., a Web service, a remote login to your site to retrieve data, etc.).

I'm an ASP.NET developer, but I have recently started developing Windows Forms apps (for the sole purpose of traffic generation for some blackhat methods ;)), and obfuscation has been a frustrating topic for me. It can deter some people, but at the end of the day, the computer must get its instructions from somewhere, and a determined individual or team of people can eventually get your code. This is why I prefer web development...the code is much harder to hack/steal.

Hope that helps.
 
Another option that came to mind...

You could build selected parts of your program in native DLLs or COM objects and then call them from your managed app using P/Invoke or COM Interop. This sounds like a pain in the rear to me, though.

There's a chapter in the following book about calling unmanaged code from a managed application if you're interested in learning more:

Code:
Visual Basic 2005 Recipes
http://www.apress.com/book/view/9781590598528

I don't have the book, but I was reading it at B0rders last weekend. :D
 
I've many years of corporate world (big office, normally in the basement, no windows, Use Cases of 500 pages, terrible). And in the corporate world, normally the client buy the executable and the code.

But now I'm coding a twitter bot, pure black hat :). I think I could sell it, depending in the quality I manage to achieve. So, the tipically win32 app is the context here

I came to think that one of the best ways of protecting you source code is to have the product in the non share list in the forum, but besides that I want to find a practical way of protection.

The options you say are very good, but:

1) Calling home for funcionality will increase the complexity, and the operational costs

2) Having some parts of the code in unmanaged DLLs is, like you say, "a pain in the rear". Also, I code with full objects and designs patterns. It's impossible to reproduce the design in Visual Basic 6, and C++ is way out of my league.

Thanks you for answers, and I will continue to search a viable and practical option, and I will share my results here
 
1) Calling home for funcionality will increase the complexity, and the operational costs

Very true.

Thanks you for answers, and I will continue to search a viable and practical option, and I will share my results here

You're welcome. For the time being, I'm going to have my app call home, but if I come across a "viable and practical option" for future projects, I'll share my results here as well.
 
yeah calling home is the best way.

A lot of my programs logic is done by a .net webservice running on my server.

You could hack the app to remove it but then it wouldn't function.
The only downside to this is requiring a windows server with enough grunt to handle the traffic.

If you sell ure app this shouldnt be a problem tho.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock