Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Obfuscate Xamarin Application

Is it possible to extract the code of a Xamarin Android application and inspect it?

I am in last stages of one Application which would be soon released on Play Store. However, I am worried if the code could be extracted and looked at by other people.

Please advise, how to secure my App from other people looking at the code for it.

like image 338
user3379745 Avatar asked Jul 01 '26 17:07

user3379745


1 Answers

Yes, it is possible to extract the code of a Xamarin.Android application. By default, the .dll files are just resources inside the APK, and they can be extracted with a zip utility and examined with e.g. ILSpy.

The Xamarin docs explain how to protect your application, including:

  1. Disable debugging
  2. Obfuscate with Dotfuscator
  3. Bundle assemblies into native code (but see below)
  4. Use AOT (native) compilation (but see below)

Note that #3 requires an Enterprise license and just puts the .NET .dlls a layer deeper in the APK; it is still possible to extract them and they are still unobfuscated.

Note that #4 is explicitly listed as an experimental feature that should not be used in production.

Full disclosure: I work for PreEmptive Solutions, and we make Dotfuscator.

like image 173
Nathan Arthur Avatar answered Jul 03 '26 06:07

Nathan Arthur