Sunday, April 18, 2010

Crypto Obfuscator for .NET - Product Review

There are a number of .NET obfuscator offerings available, often at widely diverging prices. Crypto Obfuscator for .NET offers an excellent balance of good pricing, performance, and features.

All .Net compilers such as C#, VB.Net, Managed C++, IronPyhton, etc. emit compiled programs in MSIL (Microsoft Intermediate Language) format. This format preserves a lot of high-level information about your software such as class, field, method, property and parameter names and even the actual code in a well-defined structure. This has facilitated the development of many decompilers and dissassemblers which can extract this information from a .Net assembly. Some tools can even reconstruct the actual structure of your code including loops, if statements, method calls, etc.

This means that an unprotected .Net assembly is an easy target for hackers, crackers or competitors who can easily reverse-engineer your .Net code from the compiled assembly. They can easily glean valuable trade secrets, algorithms, sensitive information such as passwords, SQL queries, etc stored in strings, or even try to find security vulnerabilities and change product functionality.

Crypto Obfuscator's code-protection features will protect your .Net assembly from all the above vulnerabilities and attack points using a variety of sophisticated techniques such as:

Symbol Renaming: Crypto Obfuscator renames all your class, field, method, properties, methods, parameter and generic parameter names to totally different strings. It is impossible to determine the original names from the new names. This makes it impossible for someone to try to determine the purpose or functionality of the renamed entity from its name.

Advanced Overload Renaming: Crypto Obfuscator can also rename fields or methods with different signatures to the same name. For example two fields having types int and boolean will be given the same name. Similarly two methods will different parameters will be given the same name. In the case of methods, the method return type is also used in the signature even though high-level languages such as C# and VB.Net do not support overloading by return type. The .Net runtime is able to differentiate between the fields/methods without any problem since the signatures are different. Needless to say, this scheme makes it even harder to reverse-engineer your code.

Advanced Tamper Detection: Crypto Obfuscator can perform strong name verification of the assembly itself even if strong-name verification has been turned OFF on the machine on which the assembly is running or if the assembly has been registered in the verification 'skip-list' - this is typically done by hackers or crackers. Furthermore, the strong name verification is done using the original key used to sign the assembly when it was obfuscated by Crypto Obfuscator. Thus, strong name verification fails even if the key is removed or replaced - again something typically done by hackers or crackers.

Anti-Debug + Anti-Tracer Protection: Crypto Obfuscator's performs more than 10 advanced heuristic tests to detect if your software is running under a debugger or tracer. If detected, an exception is throw and your software will terminate. Both managed as well as native/unmanaged debuggers (including advanced debuggers such as OllyDbg) are detected. This provides a strong defense against crackers and hackers trying to debug or trace your software for various malicious purposes.

String Encryption: Literal strings often contain sensitive information such as login information, passwords, SQL queries, algorithm parameters. They also facilitate reverse-engineering of your .Net code. Crypto Obfuscator solves all these issues by encrypting all literal strings in your .Net code.

Control Flow Obfuscation: Many advanced decompilers can reconstruct the code in your methods including the exact structure of your loops, if-else statements, method calls, try-catch blocks, etc. This makes it very easy to revere-engineer your code. Crypto Obfuscator changes the structure of your code into spaghetti code while maintaining 100% the logic and output of the code. The result is that decompilers are unable to reconstruct the code structure and most of the times they crash while trying to do so.

Read more: eggheadcafe

Posted via email from jasper22's posterous