Tuesday, March 1, 2011

Review: Crypto Obfuscator for .NET 2011

All .NET codes written in .Net language when compiled are converted to MSIL. But there are many decompilers available through which we can reverse engineer the code, which means software licensing code, copy protection mechanisms, proprietary business logic, passwords, etc. get accessible to everyone. So to protect from code from misuse Obfuscator are available that provides for seamless renaming of symbols in assemblies as well as other tricks to foil decompilers. Properly applied obfuscation can increase the protection against decompilation by many orders of magnitude, while leaving the application intact.
There are many .NET obfuscators available today. Crypto Obfuscator For .Net is one of the great obfuscator which supports all versions of the .Net framework from v1.0 to v4.0. It also supports the .Net Compact Framework, Silverlight and XNA. It can protect assemblies created with any .Net language including C#, VB.Net, Managed C++, J#, etc.
Following are few key features available in “Crypto Obfuscator for .NET 2011”
Symbol Renaming – Crypto Obfuscator renames all your class, field, method, properties, methods, parameter and generic parameter names to totally different strings. It is impossible to determine the original names from the new names. This makes it impossible for someone to try to determine the purpose or functionality of the renamed entity from its name.
String Encryption – Literal strings often contain sensitive information such as login information, passwords, SQL queries, algorithm parameters. They also facilitate reverse-engineering of your .Net code. Crypto Obfuscator solves all these issues by encrypting all literal strings in your .Net code.
Anti-Reflection Protection – Many decompilers, dissassemblers and memory dumpers use Reflection to extract information about a .Net assembly. Crypto Obfuscator can modify the assembly in such a way that such tools will fail when trying to work on your assembly.
Anti-Decompiler Protection – Advanced decompilers such as the freely available .Net Reflector are your enemy in the battle against the hackers, crackers and competitors. Crypto Obfuscator can modify your assembly in such a way that such tools fail to work on your assembly – many times they are not even able to open your assembly, let alone examine it.
Advanced Tamper Detection – Crypto Obfuscator can perform strong name verification of the assembly itself even if strong-name verification has been turned OFF on the machine on which the assembly is running or if the assembly has been registered in the verification ’skip-list’ – this is typically done by hackers or crackers. Furthermore, the strong name verification is done using the original key used to sign the assembly when it was processed by Crypto Obfuscator. Thus, strong name verification fails even if the key is removed or replaced – again something typically done by hackers or crackers.
Advanced Anti-Debug + Anti-Tracer Protection – Crypto Obfuscator’s performs more than 10 advanced heuristic tests to detect if your software is running under a debugger or tracer. If detected, an exception is throw and your software will terminate. Both managed as well as native/unmanaged debuggers (including advanced debuggers such as OllyDbg) are detected. This provides a strong defense against crackers and hackers trying to debug or trace your software for various malicious purposes.
Advanced Overload Renaming – Crypto Obfuscator can also rename fields or methods with different signatures to the same name. For example two fields having types int and boolean will be given the same name. Similarly two methods will different parameters will be given the same name. In the case of methods, the method return type is also used in the signature even though high-level languages such as C# and VB.Net do not support overloading by return type. The .Net runtime is able to differentiate between the fields/methods without any problem since the signatures are different. Needless to say, this scheme makes it even harder to reverse-engineer your code.
Control Flow Obfuscation – Many advanced decompilers can reconstruct the code in your methods including the exact structure of your loops, if-else statements, method calls, try-catch blocks, etc. This makes it very easy to revere-engineer your code. Crypto Obfuscator changes the structure of your code into spaghetti code while maintaining 100% the logic and output of the code. The result is that decompilers are unable to reconstruct the code structure and most of the times they crash while trying to do so.
Watermarking – Crypto Obfuscator can embed watermark strings into your deployed assemblies. This can be used to track each assembly instance – this is commonly used for licensing by embedding user name and license codes as watermarks to deter license violations. The watermarks embedded in the assembly can be used in literal strings and constants to be used in your UI, message boxes, etc.
ILDASM Protection – ILDASM (Microsoft IL Dissassembler) is a free tool to disassembly any .Net assembly into MSIL (Microsoft Intermediate Language). Crypto Obfuscator can modify the assembly in such a way that ILDASM refuses to disassemble the assembly.
Metadata Reduction – Crypto Obfuscator can remove unnecessary or redundant information such as parameter names, property/event placeholders, etc from your .Net assembly . During symbol-renaming, Crypto Obfuscator will often assign extremely short (often single-character names) to your classes, fields, methods, etc. All these features can reduce the size of your .Net assembly considerably.

No comments:

Post a Comment