Is it true? Can someone decompile a code that I wrote in C# from MSIL? From the .exe file?
It's mostly true. A very clever programmer named Lutz Roeder wrote an excellent decompiler named Reflector (now owned by redgate). It's quite good at translating IL back to either C# or VB.NET code. It isn't complete magic, it cannot
And has a few bugs that makes it resort to goto statements or fall over. It is otherwise very useful as a debugging aid, helping you discover and diagnose bugs in code you didn't write. There are no documented cases of anyone using it to start a successful business from pirated source code obtained through decompilation. It works too well for that.
It has otherwise started a lively market segment for 'obfuscators', tools that rewrite the contents of an assembly to make it hard to decompile it. Typical strategies are to rewrite identifiers so they become very hard to interpret and/or to tinker with the structure of the assembly so a decompiler will crash but the CLR will not. Redgate, the current owner of Reflector, also sells an obfuscator. There is one included with Visual Studio paid licenses, called 'Dotfuscator Community Edition'. No idea how good it is, this never gets put to the test.
Just using lots of lambdas and iterators in your code is already an excellent way to obfuscate your code. Reverse-engineering it to the original code is very difficult. That Lutz gave up on Reflector at the exact same time he did is not a coincidence, that's when C# became too hard to decompile reliably.
Open source alternative: ILSpy. I've tried it my self encapsulate about 99% of reflector functionality.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With