如何保护Dotnet代码 [英] How to secure the Dotnet code
问题描述
嗨
我正在开发一个包含许可类,
认证等的应用程序,包括所有加密/解密算法
等我想保护这段代码,但是在编译完所有代码之后,我只想在输出文件上尝试使用反编译器。反编译器生成了几乎99%的确切代码,暴露了我需要保护的所有算法。即使我尝试使用dotfuscator工具,它仍然无法确保代码完美无缺。我想知道是否有一些确保输出无法反编译的机制。或者这是一个巨大的妥协,每个dotnet开发人员都必须选择这个工具进行开发。
问候
Usman
Hi
I''m working on an application that contains classes for licensing,
authentication etc, including all the algorithms of encryption/decryption
etc. I wanted to secure this code, but after compiling all the code, I just
thought of trying a decompiler on the output file. The decompiler generated
almost 99% of the exact code out of it, exposing all those algorithms that I
need to secure. Even if I try a dotfuscator tool, still it does''nt secure
the code perfectly. I was wondering if there''s some mechanism of ensuring
that the output cannot be decompiled. Or is this a huge compromise that
every dotnet developer has to do to opt this tool for development.
Regards
Usman
推荐答案
Usman,
Usman,
>我想知道是否有确保输出无法反编译的某种机制确保
。
>I was wondering if there''s some mechanism of ensuring
that the output cannot be decompiled.
没有,而且从来没有这样的东西。
未来的情况非常不可能。
请注意,混淆代码是一些开发人员试图对b
进行反编译的请求。
我不知道我说你不应该做得那么好。
Cor
" Usman" < us *** @ advcomm.netschreef in bericht
news:Og ************** @ TK2MSFTNGP02.phx.gbl ...
No there is not and there has never been something like that.
That it is in future is very much not likely.
Be aware that obfuscated code is a request for some developers trying to
decompile it.
With what I not am saying that you should not do it as good as you can.
Cor
"Usman" <us***@advcomm.netschreef in bericht
news:Og**************@TK2MSFTNGP02.phx.gbl...
嗨
我正在开发一个包含许可类的应用程序,
认证等,包括加密/解密的所有算法
等我想保护这段代码,但在编译完所有代码之后,我只需
想到在输出文件上尝试反编译器。反编译器
生成
几乎99%的确切代码,揭露所有那些算法
我
需要保证。即使我尝试使用dotfuscator工具,它仍然无法确保代码完美无缺。我想知道是否有一些确保输出无法反编译的机制。或者这是一个巨大的妥协,每个dotnet开发人员都必须选择这个工具进行开发。
问候
Usman
Hi
I''m working on an application that contains classes for licensing,
authentication etc, including all the algorithms of encryption/decryption
etc. I wanted to secure this code, but after compiling all the code, I
just
thought of trying a decompiler on the output file. The decompiler
generated
almost 99% of the exact code out of it, exposing all those algorithms that
I
need to secure. Even if I try a dotfuscator tool, still it does''nt secure
the code perfectly. I was wondering if there''s some mechanism of ensuring
that the output cannot be decompiled. Or is this a huge compromise that
every dotnet developer has to do to opt this tool for development.
Regards
Usman
所以我们建议您应该如何处理需要安全性的代码。 />
我们不能只发送代码而不确保我们的安全性不会被损害。通常是dotnet开发人员使用的技术。
我已经尝试了一些其他的混淆工具,其中一些已被证明是有用的,但是他们的许可和分发政策使它成为现实。不负担得起。所以简单来说,编写安全代码并没有什么大不了的问题,这些代码无法在VC ++ 6中反编译,但这对VC.Net来说是一个巨大的问题。
问候
Usman
" Cor Ligthert [MVP]" < no ************ @ planet.nlwrote in message
新闻:O3 ************* @ TK2MSFTNGP03.phx。 gbl ...
So what do you suggest should we do with such a code, that needs security.
We cannot just ship the code without making sure that our security is not
being compromised. Usually what techniques dotnet developers use for this.
I''ve tried a few other obfuscator tools, some of them have proved usefull
but thier licensing and distribution policy makes it un affordable. So
simply speaking, there was no big a problem writing secure code that cannot
be decompiled in VC++6, but this is a huge problem with VC.Net.
Regards
Usman
"Cor Ligthert [MVP]" <no************@planet.nlwrote in message
news:O3*************@TK2MSFTNGP03.phx.gbl...
Usman,
Usman,
我想知道是否有某种确保机制
输出无法反编译。
I was wondering if there''s some mechanism of ensuring
that the output cannot be decompiled.
没有没有,而且从来没有这样的东西。
它将来很不可能。
请注意,混淆代码是一些开发人员试图对b
进行反编译的请求。
我不知道我说你不应该做得那么好。
Cor
" Usman" < us *** @ advcomm.netschreef in bericht
news:Og ************** @ TK2MSFTNGP02.phx.gbl ...
No there is not and there has never been something like that.
That it is in future is very much not likely.
Be aware that obfuscated code is a request for some developers trying to
decompile it.
With what I not am saying that you should not do it as good as you can.
Cor
"Usman" <us***@advcomm.netschreef in bericht
news:Og**************@TK2MSFTNGP02.phx.gbl...
嗨
我正在开发一个包含许可类的应用程序,
认证等,包括
的所有算法
Hi
I''m working on an application that contains classes for licensing,
authentication etc, including all the algorithms of
加密/解密
encryption/decryption
等我想保护这段代码,但是在编译完所有代码之后,我只想
想到在输出文件上尝试反编译器。反编译器
生成了几乎99%的确切代码,暴露了所有这些算法
etc. I wanted to secure this code, but after compiling all the code, I
just
thought of trying a decompiler on the output file. The decompiler
generated
almost 99% of the exact code out of it, exposing all those algorithms
即
that
我
需要保证。即使我尝试使用dotfuscator工具,它仍然没有
I
need to secure. Even if I try a dotfuscator tool, still it does''nt
secure
secure
代码完美无缺。我想知道是否有某种机制
the code perfectly. I was wondering if there''s some mechanism of
确保
ensuring
表示输出无法反编译。或者这是一个巨大的妥协,每个dotnet开发人员都必须选择这个工具进行开发。
问候
Usman
that the output cannot be decompiled. Or is this a huge compromise that
every dotnet developer has to do to opt this tool for development.
Regards
Usman
Visual Studio附带的Dotfuscator是精简版。你应该试试
尝试专业试用,看看它是否更适合或者其他一个混淆器。有一些解决方案实际上加密了你的源代码;
当然还有一点点开销。
查看sharptoolbox上的混淆器/代码保护器你应该找到一个适合你需求的。
-
Gregory A. Beamer
****************************************** *******
在盒子外面思考!
********************** *******************************
" Usman" < us *** @ advcomm.netwrote in message
news:Og ************** @ TK2MSFTNGP02.phx.gbl ...
The Dotfuscator that ships with Visual Studio is a lite version. You should
try the pro trial and see if it better suits or one of the other
obfuscators. There are some solutions that actually encrypt your source;
there is a slight overhead for this, of course.
Look at the obfuscators/code protectors on sharptoolbox.com and you should
find one that suits your needs.
--
Gregory A. Beamer
*************************************************
Think Outside the Box!
*************************************************
"Usman" <us***@advcomm.netwrote in message
news:Og**************@TK2MSFTNGP02.phx.gbl...
嗨
我正在开发一个包含许可类的应用程序,
认证等,包括加密/解密的所有算法
等我想保护这段代码,但在编译完所有代码之后,我只需
想到在输出文件上尝试反编译器。反编译器
生成
几乎99%的确切代码,揭露所有那些算法
我
需要保证。即使我尝试使用dotfuscator工具,它仍然无法确保代码完美无缺。我想知道是否有一些确保输出无法反编译的机制。或者这是一个巨大的妥协,每个dotnet开发人员都必须选择这个工具进行开发。
问候
Usman
Hi
I''m working on an application that contains classes for licensing,
authentication etc, including all the algorithms of encryption/decryption
etc. I wanted to secure this code, but after compiling all the code, I
just
thought of trying a decompiler on the output file. The decompiler
generated
almost 99% of the exact code out of it, exposing all those algorithms that
I
need to secure. Even if I try a dotfuscator tool, still it does''nt secure
the code perfectly. I was wondering if there''s some mechanism of ensuring
that the output cannot be decompiled. Or is this a huge compromise that
every dotnet developer has to do to opt this tool for development.
Regards
Usman
这篇关于如何保护Dotnet代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!