Should i use this?

  • Yes

    Votes: 0 0.0%
  • No

    Votes: 2 100.0%

  • Total voters
    2
Joined
Oct 17, 2016
Messages
95
Operating System
Windows 10
Antivirus
Avast
#1
i want to protect my source code against reverse engineering, i did some researches and people suggested this program called "Confuser" that protects your .Net application from being reverse engineered.
Do you guys suggest i use it or try another one?
i came across this thread question about .Net obfuscators it has some pretty good infos in it.
link- to-thread on stackoverflow....
 

Dani Santos

From Xvirus
Developer
Verified
Joined
Jun 3, 2014
Messages
1,055
Operating System
Windows 10
Antivirus
Xvirus
#4
Joined
May 8, 2014
Messages
1
#6
i want to protect my source code against reverse engineering, i did some researches and people suggested this program called "Confuser" that protects your .Net application from being reverse engineered.
Do you guys suggest i use it or try another one?
i came across this thread question about .Net obfuscators it has some pretty good infos in it.
link- to-thread on stackoverflow....

Ok so let's begin with Confuser,

First of all, it's a really old project as far as .NET Security is concerned. It has been studied, mastered, and tools to unpack it poped up on all ReverseEngineering boards such as Tuts4you, RTN etc. It is stated today that everybody can unpack it thanks to 'Nofuser' (sorry to link such forum, but that's the very original source).
Years have passed and Yck the coder of Confuser, released ConfuserEX. A new version of Confuser, which claimed to be more secure than even. Same scenario. Same-like tool (NofuserEX).

You may think that there are plenty of .NET obfuscator out there, but this is the same for every one of them...

De4Dot, a famous tool which can unpack all famous protector is open-source and everybody can access it, modify it and make it handle more protection.

The only remaining security is, as far as I'm concerned, NETGuard.IO. It's an online cloud-based obfuscator. This particular aspect make it very difficult for people to seek into its code. It has advanced security measures and there isn't any tool to unpack it. Owners have reeased a few crack-me challenges on several forums but none of them has been resolved yet. Current version is v5.5.6 and the support is really pleasant.
 
L

LabZero

Guest
#8
Considering the possibility of obfuscate the code, I would like to add:

1) .NET language is interpreted, therefore much more easy to decompile.
2) the obfuscators, even more powerful, usually delete the spaces in the various comments and renaming functions and variables with random names and maybe mixing them.
More, they can't do in order not to alter the program.

Obfuscator makes just a little bit more complicated the analysis of the source. But not very much.
It is not impossible to restore reasonable names.

Sure the obfuscator technique can also be more complex, such as declaring variables, insert cycles without goal and useless.These "bloat/crap" instructions, however, are translated in assembly code and intertwined with those useful, then an attacker would be in difficulty to understand the logic of my program.

My intention would be, once a set of transformation rules of the code, to create a tool to deal with them.
So, in the standard case a programmer :

- writes the source code, clean and understandable
- translates the clean source code with a obfuscator tool*
- compile the code

* ideal condition: the tool is written by the programmer himself who decides the rules for obfuscate the code.