Is Confuser Good For protector/obfuscator for .NET?

Should i use this?

  • Yes

    Votes: 0 0.0%

  • No

    Votes: 2 100.0%
  • Total voters
    2
HeroCloudAntivirus

HeroCloudAntivirus

Level 2
Thread author
Verified
Oct 17, 2016
95
i want to protect my source code against reverse engineering, i did some researches and people suggested this program called "Confuser" that protects your .Net application from being reverse engineered.
Do you guys suggest i use it or try another one?
i came across this thread question about .Net obfuscators it has some pretty good infos in it.
link- to-thread on stackoverflow....
 
  • Like
Reactions: _CyberGhosT_, LabZero, askmark and 2 others
XenocodeRCE

XenocodeRCE

New Member
May 8, 2014
1
HeroCloudAntivirus said:
i want to protect my source code against reverse engineering, i did some researches and people suggested this program called "Confuser" that protects your .Net application from being reverse engineered.
Do you guys suggest i use it or try another one?
i came across this thread question about .Net obfuscators it has some pretty good infos in it.
link- to-thread on stackoverflow....
Click to expand...


Ok so let's begin with Confuser,

First of all, it's a really old project as far as .NET Security is concerned. It has been studied, mastered, and tools to unpack it poped up on all ReverseEngineering boards such as Tuts4you, RTN etc. It is stated today that everybody can unpack it thanks to 'Nofuser' (sorry to link such forum, but that's the very original source).
Years have passed and Yck the coder of Confuser, released ConfuserEX. A new version of Confuser, which claimed to be more secure than even. Same scenario. Same-like tool (NofuserEX).

You may think that there are plenty of .NET obfuscator out there, but this is the same for every one of them...

De4Dot, a famous tool which can unpack all famous protector is open-source and everybody can access it, modify it and make it handle more protection.

The only remaining security is, as far as I'm concerned, NETGuard.IO. It's an online cloud-based obfuscator. This particular aspect make it very difficult for people to seek into its code. It has advanced security measures and there isn't any tool to unpack it. Owners have reeased a few crack-me challenges on several forums but none of them has been resolved yet. Current version is v5.5.6 and the support is really pleasant.
 
  • Like
Reactions: _CyberGhosT_, Ink, Jack and 2 others
L

LabZero

Considering the possibility of obfuscate the code, I would like to add:

1) .NET language is interpreted, therefore much more easy to decompile.
2) the obfuscators, even more powerful, usually delete the spaces in the various comments and renaming functions and variables with random names and maybe mixing them.
More, they can't do in order not to alter the program.

Obfuscator makes just a little bit more complicated the analysis of the source. But not very much.
It is not impossible to restore reasonable names.

Sure the obfuscator technique can also be more complex, such as declaring variables, insert cycles without goal and useless.These "bloat/crap" instructions, however, are translated in assembly code and intertwined with those useful, then an attacker would be in difficulty to understand the logic of my program.

My intention would be, once a set of transformation rules of the code, to create a tool to deal with them.
So, in the standard case a programmer :

- writes the source code, clean and understandable
- translates the clean source code with a obfuscator tool*
- compile the code

* ideal condition: the tool is written by the programmer himself who decides the rules for obfuscate the code.
 
  • Like
Reactions: Deleted member 65228, _CyberGhosT_, Ink and 1 other person
You must log in or register to reply here.

Similar threads

oldschool
    • Like
    • Applause
    • +Reputation
The case for slowing down AI
Replies
5
Views
888
News Archive
oldschool
oldschool
SpyNetGirl
    • Like
    • +Reputation
    • Hundred Points
Harden Windows Security | Only with official documented methods | Always up to date
Replies
75
Views
10,226
Other security for Windows, Mac, Linux
Warencom
W
oldschool
    • Like
    • Wow
    • +Reputation
Why You Suddenly Need To Delete Google Chrome
Replies
17
Views
3,282
News Archive
Dave Russo
Dave Russo

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top