MSIL code
in [CSharp]
|
From: Tony Johansson on 10 Apr 2010 15:09 Hi! I just wonder about this Reflector tool. If I made a dll in .NET can then a person that have this DLL look at all the source code by using the Reflector tool ? I mean can he/she recreate all the source code. If I instead have a DLL unmanaged code for example made in C++ is it here possible look at the source code by using some kind of tool. I mean something that remind of Reflector ? //Tony
From: James Finch on 10 Apr 2010 15:58 Since .NET programs and libraries are compiled to MSIL, basically yes. Anyone can use .NET Reflector to view your source code almost as you wrote it. You can use various tools (Dotfuscator, etc.) to make the code more difficult to interpret, but if someone really wants to reverse engineer your code they will. It's that simple. You can make it more or less difficult but never impossible. When programs are written in C and C++ they are compiled to native machine code and are rather more difficult to reverse engineer than MSIL, but still never impossible. If you wish to protect your .NET code so that some idiot doesn't take credit for your work, the best you can do is use obfuscation techniques to make the code so difficult to understand that it would be easier for them to write an application from scratch that does the same thing. There are commercial tools available to make this process easier and also provide string encryption, etc. James Finch (MCDST) On 10/04/2010 20:09, Tony Johansson wrote: > Hi! > > I just wonder about this Reflector tool. > If I made a dll in .NET can then a person that have this DLL look at all the > source code by using the Reflector tool ? > I mean can he/she recreate all the source code. > > If I instead have a DLL unmanaged code for example made in C++ is it here > possible look at the source code by using some kind of tool. > I mean something that remind of Reflector ? > > //Tony > >
From: Family Tree Mike on 10 Apr 2010 16:22 On 4/10/2010 3:58 PM, James Finch wrote: > Since .NET programs and libraries are compiled to MSIL, basically yes. > Anyone can use .NET Reflector to view your source code almost as you > wrote it. You can use various tools (Dotfuscator, etc.) to make the code > more difficult to interpret, but if someone really wants to reverse > engineer your code they will. It's that simple. You can make it more or > less difficult but never impossible. > > When programs are written in C and C++ they are compiled to native > machine code and are rather more difficult to reverse engineer than > MSIL, but still never impossible. If you wish to protect your .NET code > so that some idiot doesn't take credit for your work, the best you can > do is use obfuscation techniques to make the code so difficult to > understand that it would be easier for them to write an application from > scratch that does the same thing. There are commercial tools available > to make this process easier and also provide string encryption, etc. > > James Finch (MCDST) > Many would say the best you could do is to create web services so that the heart of your code is remote and thus inaccessible. True that they could reverse engineer the client that connects to your service, but they cannot identify an algorithm that maybe you wanted protected which is housed on the server. -- Mike
From: Willem van Rumpt on 10 Apr 2010 17:03 On 10-4-2010 21:09, Tony Johansson wrote: > Hi! > > I just wonder about this Reflector tool. > If I made a dll in .NET can then a person that have this DLL look at all the > source code by using the Reflector tool ? > I mean can he/she recreate all the source code. > > If I instead have a DLL unmanaged code for example made in C++ is it here > possible look at the source code by using some kind of tool. > I mean something that remind of Reflector ? > Any compiled code available to a third party can be reverse engineered, the only factor involved is time. If you want to be sure that your code doesn't fall into other hands, the only option is to not deliver it to those hands. However, before considering switching languages, complex obfuscation and encryption techniques, there's one important point that lots of people seem to forget: Most code written is not rocket science, and is easier to write yourself, than to reverse engineer. Don't let it worry you too much. -- Willem van Rumpt
From: Tony Johansson on 10 Apr 2010 17:17
I was just curious!! //Tony "Willem van Rumpt" <wdotvandotrumpt(a)skoutsoftdotcom> skrev i meddelandet news:%23R9sDFP2KHA.3844(a)TK2MSFTNGP05.phx.gbl... > On 10-4-2010 21:09, Tony Johansson wrote: >> Hi! >> >> I just wonder about this Reflector tool. >> If I made a dll in .NET can then a person that have this DLL look at all >> the >> source code by using the Reflector tool ? >> I mean can he/she recreate all the source code. >> >> If I instead have a DLL unmanaged code for example made in C++ is it here >> possible look at the source code by using some kind of tool. >> I mean something that remind of Reflector ? >> > > Any compiled code available to a third party can be reverse engineered, > the only factor involved is time. > > If you want to be sure that your code doesn't fall into other hands, the > only option is to not deliver it to those hands. > > However, before considering switching languages, complex obfuscation and > encryption techniques, there's one important point that lots of people > seem to forget: > > Most code written is not rocket science, and is easier to write yourself, > than to reverse engineer. > > Don't let it worry you too much. > > -- > Willem van Rumpt |