So. this is a basic question I guess: If I 'encrypt' the code with some .net obfuscator - then what is the chance that this code will not run on another machine (...machines without any ob* software installed...)?
Update:
thanks for the replies so far...the way I see it, the exe/dll can still be dissassembled and you need additional protection to battle this? Also, dotfuscator generates some weird xml file in the directory with the the obfuscated exe...now that i see. And this xml file开发者_高级运维 is called "Map" and it stores the names of my classes - i wonder what will happen if i rename/delete it, I guess: nothing.
Dotfuscator is changing your CIL to make it harder to follow for a human but still "legal" for the machine. There may be a chance that the code does not work any longer, but it would depend on Dotfuscator royally messing up with your code (which I'm sure should not happen) rather than not having something installed on the target machine.
(I'm wondering for instance how Dotfuscator deals with the use of reflection to call methods that had their name changed in the compiled version...)
See this article for more info on how it works.
Obfuscators rename the name of classes, methods and such, you can think of it as a kind of post-compiler that runs after the actual compiler. It prevents users from decompiling the assemblies and having access to your source. As it is a one time thing performed on your assemblies you don't need to have it installed on the target machine.
A negative side effect is that if there is an exception in your application you will get a stack trace with garbled method names. This might make it hard to find where the error in your production code is. The Map.xml file created is useful for this purpose, and can be used with a tool (that should be available from the company you got your obfuscator from..) to reverse the garbled names in the stack trace and show an ungarbled version.
I'm not an expert, but an obfuscator make the C# code unreadable if it is decompiled, and should not change how the program works.
Obfuscation differs from encryption in that obfuscated code must remain legal IL. This means that with enough effort, any obfuscated app can be cracked. However, some original information cannot be recovered (renaming is, for example, lossy - there is no way to get original names - however, you can still learn alot about an app even without the original names). Renaming is just ONE obfuscation transform - there are MANY. Control flow (reorganizing the instruction stack) has nothing to do with renaming - so - it does not break when reflection is used for example. Control flow is good for breaking machine reverse engineering (like from reflector) renaming is good for defeating human inspection (and neither are bulletproof).
Here is a link to a more thorough article on transforms, their side effects, why you would use one or more (and why you might not). Risks Unique to Java and .NET 2009 [PDF] http://www.preemptive.com/images/stories/white_papers/Risks_Unique_to_Java_and_NET_ISSA1109.pdf
You don't need the obfuscator installed on machines you want to run your program on!
Obfuscated code should run just fine on a machine without the obfuscator installed.
It will work fine. As far as I understand the way obfuscators work is they mix the MSIL the way not easily translatable to higher level languages (C#), but still understandable for CLR.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论