
Does shipping PDB file make obfuscation useless in .net?

If I obfuscate a vb.net assembly using Eazfuscator with symbol names encryption turned on (so that I can use the Eazfuscator stack trace decoder), is this effectively undone if I ship the PDB file? I want to ship the PDB file so that I get line numbers in stack traces that are sent back to me in error reports.

I know I can get line numbers by keeping the PDB file for the shipped version, but this is an extra layer of complexity that I don't need right now; I will implement this in the future. I just want to make sure I am not effectively shipping non-obfuscated code by including the PDB file.

Thanks in advance for any advice.

Guy asked Aug 30 '11 13:08


2 Answers

PDBs don't contain actual code. But I have a strong feeling that after obfuscation the PDB will be incompatible with the binary. Here is what is located inside a PDB:

  • Public, private, and static function addresses
  • Global variable names and addresses
  • Parameter and local variable names and offsets where to find them on the stack
  • Type data consisting of class, structure, and data definitions
  • Frame Pointer Omission (FPO) data, which is the key to native stack walking on x86
  • Source file names and their lines

As far as I understand, obfuscation will ruin things like non-public types, methods, parameters etc. So if it doesn't change the original IL offsets, showing line numbers might work, but it will provide some information that was actually obfuscated; the question is whether it is recoverable or not.

What I suggest is to add rich logging if you are very concerned about deobfuscation.

Andrey answered Oct 17 '22 09:10


No, shipping PDB files does not make obfuscation useless. Note however that PDB files can contain names of local variables so that is another piece of information which a disassembler like Reflector can use. PDB files can also contain full paths of the source code files, however, this rarely does any harm in terms of revealing sensitive information.

Some obfuscators like Crypto Obfuscator support PDB file generation - after obfuscation, it outputs new PDB files which are in sync with the obfuscated assemblies so that your stack traces remain correct. Further, the PDB files contain obfuscated names of the source code files mentioned above. It also strips all local variable names from the PDB files.

DISCLAIMER: I work for LogicNP Software, the developer of Crypto Obfuscator.

logicnp answered Oct 17 '22 08:10
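
A pre-release check for the source-path exposure mentioned in the answer above, as an added example that is not part of the original answers: it scans a PDB's bytes for absolute source file paths stored as 8-bit or UTF-16LE text. The function names, the extension list and the sample bytes are assumptions constructed for illustration; the sample is not a real PDB.

```python
import re

# File-header magics: classic Windows PDB (MSF 7.00) and Portable PDB.
MSF7_MAGIC = b"Microsoft C/C++ MSF 7.00\r\n\x1aDS"
PORTABLE_MAGIC = b"BSJB"

# Absolute Windows path (drive letter or UNC share) ending in a source
# extension. The extension list is an assumption; extend it as needed.
_PATH = re.compile(
    r"(?:[A-Za-z]:|\\\\[\w.$-]+)(?:\\[\w .$()-]+)+\.(?:vb|cs|fs|cpp|h)\b",
    re.IGNORECASE,
)
# Printable runs of 6+ characters, as 8-bit text and as UTF-16LE.
_RUNS = (
    (re.compile(rb"[\x20-\x7e]{6,}"), "ascii"),
    (re.compile(rb"(?:[\x20-\x7e]\x00){6,}"), "utf-16-le"),
)

def pdb_kind(data: bytes) -> str:
    """Classify the container from its first bytes."""
    if data.startswith(MSF7_MAGIC):
        return "windows-pdb"
    if data.startswith(PORTABLE_MAGIC):
        return "portable-pdb"
    return "unknown"

def leaked_source_paths(data: bytes) -> list[str]:
    """Return absolute source paths visible as plain strings in the file."""
    found = set()
    for run_re, encoding in _RUNS:
        for run in run_re.finditer(data):
            text = run.group(0).decode(encoding)
            found.update(m.group(0) for m in _PATH.finditer(text))
    return sorted(found)

def constructed_sample() -> bytes:
    """Constructed bytes shaped like a PDB fragment; not a real PDB."""
    return (
        MSF7_MAGIC + b"\x00\x00\x00\x00\x04\x00\x00/names\x00"
        + rb"C:\Users\dev\Billing\Invoice.vb" + b"\x00\x00"
        + r"D:\build\src\Licensing\KeyCheck.cs".encode("utf-16-le")
        + b"\x00\x00obfuscated_a1.vb\x00"
    )

if __name__ == "__main__":
    sample = constructed_sample()
    print(pdb_kind(sample), leaked_source_paths(sample))
```

An empty result is only meaningful for classic Windows PDBs: a Portable PDB stores each document name as separate path segments, so its paths have to be read from the Document table with a metadata reader instead.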