Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to convert a dll to source code?

Tags:

.net

obfuscation

Is it possible to convert a dll library back to source code?

Not that I want to do this, but I need to outsource some non-critical parts of a software that I am writing, but I wouldn't want the other guys to copy everything that I have so far.

The code in the respective dll is not the whole code. I have managed to include only the necessary code in the library, but I still wouldn't like the other guys to copy my code.

Should I be worried?

like image 737
Fabio Milheiro Avatar asked Oct 10 '10 19:10

Fabio Milheiro

2 Answers

Possible? Yes.

Easy? It depends.

If you have written your dll in .NET, decompilation is a snap, using tools like Reflector, unless you have obfuscated your code.

Even if this is not .NET code, it is still possible, though much more difficult. And you can make things more difficult if you do obfuscate your code with one of the existing tools.

In general, if you give your code (compiled or not) to someone, they will be able to decompile it from the assembly/bytecode, even if it is obfuscated.

This is not always easy, and normally too much effort. It really depends on how paranoid you are and how valuable your code is to the third party.

There is no protection from a truly determined attacker. It can take them years, but if they are truly determined, they will figure it out.

like image 150
Oded Avatar answered Oct 19 '22 17:10

Oded

The process of recovering source code from compiled code is called decompilation and it can be achieved with better or worse results depending on the language that the program was written in.

To protect yourself against decompiling you can use an obfuscator which works by modifying the binary to make it harder to decompile. An example of a technique used by an obfuscator is to replace names of members that are visible in the binary with meaningless names (e.g. a001, a002, ...) so that the decompiled code makes less sense. Some even use keywords for these names (e.g. for, while, ...) so that a naive decompiler will produce code that won't even compile. They may also use other techniques such as encrypting strings so that they are not readable when viewing the binary.

Obfuscation is not a perfect defense. A sufficiently talented and determined adversary may be able to recover something reasonably similar to your original source code even if you use obfuscation.

like image 45
Mark Byers Avatar answered Oct 19 '22 19:10

Mark Byers
Sign in to Comment

Related questions

How does .NET locate the dll of the namespace I'm `using`?
If you aren't supposed to return collections to callers, how should you return a collection of data to a caller?
Defining two dimensional Dynamic Array
Powershell and overriden comparision operators
Why 'Object reference not set to an instance of an object' is not more descriptive?
Can I declare a variable of Type<T> without specifying T at compile time?
What is the threading class if I just want to test and set a flag in a threadsafe manner?
Opening a file from a pack URI in WPF
XmlDocument type not found even though I've referenced System.XML?
.NET Controls: Why aren't all calls thread-safe?
Make close button hide instead of closing [duplicate]
In what format is SQL Server data serialized when it is sent through the network?
Multiple Inheritance in C#: What is the purist way of achieving what I am trying to do?
C#.Net Windows application - Getting Logged user name in My NT
httpurlconnection thread safety
How can I modify strings using a "For Each" loop?
DotNetOpenAuth: How to implement a simple OpenId provider?
Windows Service : error 5 :Access Denied
Finding minimum values of (properties of ) collections in C#
Why bother with initializers? (.net)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!