Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

C# Decompilers? [closed]

Tags:

c#

.net

Is it true? Can someone decompile a code that I wrote in C# from MSIL? From the .exe file?

like image 518
Gilad Naaman Avatar asked Dec 18 '10 20:12

Gilad Naaman


2 Answers

It's mostly true. A very clever programmer named Lutz Roeder wrote an excellent decompiler named Reflector (now owned by redgate). It's quite good at translating IL back to either C# or VB.NET code. It isn't complete magic, it cannot

  • translate constants back to their constant identifier
  • recover the names of local variables
  • decompile anonymous methods except in their intermediate form
  • decompile iterators, as above
  • decompile lambdas, as above
  • decompile the code that uses the promised C# 5 async and await keywords, as above
  • recover the comments in your code.

And has a few bugs that makes it resort to goto statements or fall over. It is otherwise very useful as a debugging aid, helping you discover and diagnose bugs in code you didn't write. There are no documented cases of anyone using it to start a successful business from pirated source code obtained through decompilation. It works too well for that.

It has otherwise started a lively market segment for 'obfuscators', tools that rewrite the contents of an assembly to make it hard to decompile it. Typical strategies are to rewrite identifiers so they become very hard to interpret and/or to tinker with the structure of the assembly so a decompiler will crash but the CLR will not. Redgate, the current owner of Reflector, also sells an obfuscator. There is one included with Visual Studio paid licenses, called 'Dotfuscator Community Edition'. No idea how good it is, this never gets put to the test.

Just using lots of lambdas and iterators in your code is already an excellent way to obfuscate your code. Reverse-engineering it to the original code is very difficult. That Lutz gave up on Reflector at the exact same time he did is not a coincidence, that's when C# became too hard to decompile reliably.

like image 67
Hans Passant Avatar answered Sep 18 '22 20:09

Hans Passant


Open source alternative: ILSpy. I've tried it my self encapsulate about 99% of reflector functionality.

like image 22
Tawfik Khalifeh Avatar answered Sep 19 '22 20:09

Tawfik Khalifeh