Click here to Skip to main content
15,113,353 members
Articles / Programming Languages / MSIL
Technical Blog
Posted 16 Oct 2016

Stats

130.6K views
82 bookmarked

Protect Your Source Code from Decompiling or Reverse Engineering .NET Assemblies

Rate me:
Please Sign up or sign in to vote.
4.92/5 (52 votes)
5 Nov 2016Ms-PL3 min read
How to protect your source code from decompiling or reverse engineering

Many developers are still not aware that Portable Executable (PE) files can be decompiled to readable source code. Before learning how to prevent or make it hard for the decompilers to reverse engineer the source code, we need to understand a few basic concepts.

What is a Portable Executable file?

When source code is complied, it generates a Portable Executable (PE) file. Portable Executable (PE) is either a DLL or an EXE. PE file contains MSIL (Microsoft Intermediate Language) and Metadata. MSIL is ultimately converted by CLR into the native code which a processor can understand. Metadata contains assembly information like Assembly Name, Version, Culture and Public Key.

How Can We Get Source Code from DLL or EXE?

Yes, we can get the source code from DLL or EXE. To demonstrate this, let's create a simple application first.

Open Visual Studio, create a new project and select console based application.

image

Add some sample code into the Program.cs:

C#
using System;
 
namespace MyConsoleApp
{
  internal class Program
  {
    private static void Main(string[] args)
    {
      Console.WriteLine(PublicMethod());
      Console.WriteLine(PrivateMethod());
    }
 
    public static string PublicMethod()
    {
      // Your source code here
      return "Public Method";
    }
 
    private static string PrivateMethod()
    {
      // Your source code here
      return "Private Method";
    }
  }
}

Now build the application, an EXE will be generated in the bin/debug folder:

image

Now let's try to get the source code from the EXE file. For the first, open Visual Studio command prompt.

image

Type ildasm and hit enter. ILDASM is MSIL Disassembler. It basically has an ability to read Intermediate Language.

image

ILDASM will open, now open the EXE file we created.

image

As we can see, ILDASM disassembles the EXE and lots of useful information can be retrieved, though it does not provide the original source code completely, a lot can be interpreted. The easy way to reverse engineer and get the exact source code is that there are decompliers available in the market for free such as Telerik JustDecompile and Jet Brains dotPeek which can convert the Intermediate Language into the original source code.

image

As we can see in the above screenshot when we open the EXE with Telerik JustDecompile, we are able to see the original source code. This can lead to piracy and ultimately you can lose your profits.

How to Prevent EXE and DLL from Getting Decompiled?

The process of protecting the EXE and DLL from getting decompiled into the original source code is called Obfuscation. There are a lot of paid and free software available to Obfuscate the .NET assemblies, Dotfucator from PreEmptive Solutions is one of the popular ones and their community edition is free and included with Visual Studio. If you are interested in buying other versions, check out this comparison. The Dofuscator community edition has limited features and the professional edition is very expensive. So instead of gaining profits by protecting them from reverse engineering, we will end up spending a lot on Obfuscation.

One of the best alternate utilities for obfuscating is ConfuserEx. It is completely free and opensource. You can download ConfuserEx from here.

After downloading, extract the zip into a folder and then run ConfuserEx.exe.

image

Drag and drop the EXE you want to protect on the ConfuserEx or you can manually select Base Directory, Output Directory and add the DLL or EXE.

image

Once you are done setting up the directories and adding DLL or EXE, go to the Settings tab in ConfuserEx. You can either add rules to Gobal settings or set individually for each DLL or EXE.

image

Click on “+” button, you will see “true” under Rules. Now click on edit rule (button below “-”).

image

On clicking edit rule, a new window will appear as shown below. Click on “+” button.

image

You can select different ways to add levels of protection. If you want to learn Obfuscation in depth, check out this article.

image

Select only with “Anti IL Dasm” and “Anti Tamper”, that is enough for making it hard enough to reverse engineer for the decompilers.

image

After you click on Done, go to Protect tab and click on Protect button.

image

image

You can find the protected DLL or EXE in the output directory selected.

image

Test the EXE or DLL generated by ConfusedEx and check if it is working as usual. Now try to decompile it with a decompiler.

image

As we can see, the confused DLL or EXE which gets generated by ConfuserEx cannot be decompiled any more.

License

This article, along with any associated source code and files, is licensed under The Microsoft Public License (Ms-PL)

Share

About the Author

Arun Endapally
Architect Thomson Reuters
India India
No Biography provided

Comments and Discussions

 
QuestionVirus Pin
bir yaz27-May-21 19:00
Memberbir yaz27-May-21 19:00 
AnswerRe: Virus Pin
Arun Endapally9-Jun-21 22:28
professionalArun Endapally9-Jun-21 22:28 
GeneralMy vote of 5 Pin
Tech Code Freak4-Apr-21 4:05
MemberTech Code Freak4-Apr-21 4:05 
Questionnot working for me showing error Pin
neeraj_23-Feb-21 21:21
Memberneeraj_23-Feb-21 21:21 
QuestionMessage Closed Pin
23-Feb-21 20:59
Memberneeraj_23-Feb-21 20:59 
Questionwhat about new .net core publish options; dotPaek not able to decompile don't check other simple options Pin
maxoptimus3-Oct-20 9:43
Membermaxoptimus3-Oct-20 9:43 
QuestionSupport Pin
Member 149256482-Sep-20 13:36
MemberMember 149256482-Sep-20 13:36 
QuestionThis is a dangerous Virus! don't use ConfuserEx.exe Pin
Ahmed Risa26-Aug-20 20:24
MemberAhmed Risa26-Aug-20 20:24 
QuestiondotPeek can still decompile the exe Pin
rehmaknatiq18-Jun-20 3:30
Memberrehmaknatiq18-Jun-20 3:30 
AnswerRe: dotPeek can still decompile the exe Pin
khaliljkazi@gmail.com15-Jul-20 18:57
Memberkhaliljkazi@gmail.com15-Jul-20 18:57 
GeneralRe: dotPeek can still decompile the exe Pin
Member 1478481231-Jul-20 7:35
MemberMember 1478481231-Jul-20 7:35 
AnswerRe: dotPeek can still decompile the exe Pin
vishal_h22-Sep-20 3:06
Membervishal_h22-Sep-20 3:06 
I am also facing same issue where dotPeek easily decompiling the dll and exe. Do you find any other alternative ?
PraiseThank you! Pin
Anderson A D Nunes30-Apr-20 21:47
MemberAnderson A D Nunes30-Apr-20 21:47 
GeneralMy vote of 5 Pin
Jared Drake18-Feb-20 3:55
MemberJared Drake18-Feb-20 3:55 
PraisePerfect article! Pin
Jared Drake18-Feb-20 4:18
MemberJared Drake18-Feb-20 4:18 
GeneralMy vote of 5 Pin
whitesoul0110-Oct-19 6:53
Memberwhitesoul0110-Oct-19 6:53 
QuestionThanks Pin
AliBayat.200824-Aug-19 19:03
MemberAliBayat.200824-Aug-19 19:03 
QuestionNot worked with WPF application Pin
Shailesh vora30-Jul-19 21:48
MemberShailesh vora30-Jul-19 21:48 
Questionprotect in memory after obfuscation Pin
gianmarcocastagna_22-Mar-18 6:05
Membergianmarcocastagna_22-Mar-18 6:05 
BugConfuserX - Unpacker Pin
Soran Sobhani Rad20-Feb-18 22:53
professionalSoran Sobhani Rad20-Feb-18 22:53 
GeneralProtect compact framework EXE File Pin
Member 21243567-May-17 21:43
MemberMember 21243567-May-17 21:43 
GeneralRe: Protect compact framework EXE File Pin
Arun Endapally30-May-17 9:24
professionalArun Endapally30-May-17 9:24 
GeneralMy vote of 5 Pin
Аslam Iqbal6-Nov-16 18:59
professionalАslam Iqbal6-Nov-16 18:59 
SuggestionChange the title to reflect you are talking about .Net assemblies only Pin
the Kris5-Nov-16 1:26
Memberthe Kris5-Nov-16 1:26 
GeneralRe: Change the title to reflect you are talking about .Net assemblies only Pin
Arun Endapally5-Nov-16 21:35
professionalArun Endapally5-Nov-16 21:35 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.