Menu
I was experimenting with SmartAssembly obfuscation tool on a compiled website. It works on most of the code but any class in App_Code is not being obfuscated. e.g. I have following class in App_Code
public class Helper
{
public Helper()
{
}
public static String GetData()
{
String text = DateTime.Now.ToString();
return text;
}
---Other methods----
}
This Helper class is skipped. It does not do name mangling on Helper class and its methods. Can anybody using SmartAssembly help in this regard? Are there some other cost effective tools (free or paid) better than SmartAssembly.
258
Name obfuscation does not affect the performance and should always be used. You can virtualize methods that are not computationally intensive. Otherwise, control flow obfuscation should be used.
The main reason to use obfuscation is to protect intellectual property as you have indicated. It is generally much more cost effective to a business to purchase an obfuscation product like . NET Reactor than it is to try and legally enforce your copyrights.
This means that if you have a public DLL or executable that your business is distributing, anyone with a copy of your executable can open it up in a . NET decompiler like dotPeek, and directly read (and copy) your source code. Code obfuscation can't prevent this process—any . NET DLL can be plugged into a decompiler.
Obfuscation means to make something difficult to understand. Programming code is often obfuscated to protect intellectual property or trade secrets, and to prevent an attacker from reverse engineering a proprietary software program. Encrypting some or all of a program's code is one obfuscation method.
SA (SmartAssembly) automatically excludes public members in DLLs from obfuscation and pruning, because it assumes they will be used externally. You can override this behaviour by editing the saproj file to make the obfuscation line look like:
<Obfuscation ExcludePublicMembers="0" Obfuscate="1">
This will obfuscate all members, regardless of their public status.
This may cause problems because IIS may use reflection to look for specific public members with specific names. In this case, you will need to exclude those items from pruning/obfuscation.
As for obfuscation tools, SmartAssembly is quite a powerful obfuscator (hackers agree!), and has a lot of extras in it (error-reporting, feature-usage reporting etc). But, of course, there are a number out there beyond SmartAssembly, e.g. Dotfuscator or Deep Sea Obfuscator. Some are rather good, some are very bad.
If you've got any more problems, come ask us at: http://www.red-gate.com/products/dotnet-development/smartassembly/support
103
public methods do not get obfuscated by default (in DLLs- they do in exes). You can force obfuscation but you need to use code decorations. More details can be found here.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
