Subscribe:

Tuesday 9 August 2011

Take Advantage of Our Advanced .NET Obfuscation Features

CliSecure .NET obfuscator goes beyond traditional obfuscation methods. In addition to renaming your metadata entities, it also supports advanced obfuscation methods that will harden your overall protection scheme and foil reverse engineering altogether.
Advanced obfuscation features include control flow obfuscation, method call obfuscation, string encryption, assembly merging and cross assembly obfuscation.



Features
Entity Renaming 
CliSecure .NET obfuscator renames all metadata constructs, this includes namespaces, class names, method signatures and fields as well as methods implementation and string values of your assembly. Renaming scheme includes 'unreadable chars' scheme, this method will transform classes, methods and field names to unprintable unicode chars. When decompiled, the result is an extremely difficult to understand source code. Since unprintable chars are used it won't be possible to compile the sources produced after decompilation. 
Control Flow Obfuscation
CliSecure .NET obfuscator provide control of flow obfuscation, control flow obfuscation hides the control flow information of the program by transforming exiting code flow patterns to semantically equivalent constructs, however different than the code originally written. The control flow obfuscation algorithm converts the original implementation into spaghetti code thus making it extremely harder to infer program logic. CliSecure .NET obfuscator ensures that application code flow of the obfuscated assembly remains intact.
Cross Assembly Obfuscation
Cross Assembly Obfuscation allows renaming of external references thus dramatically increasing the number of obfuscated constructs. Given a set of assemblies that interface each other, CliSecure will rename classes, methods and fields referenced from other assemblies uniformly. For example, if class A declared in assembly A is referenced from assembly B and CliSecure renames class A to A1, it will also rename B's external reference from A to A1.
Code Shrinking
If your application does not use all of the contained MSIL code, CliSecure .NET obfuscator will drastically reduce the size of the input assembly files. The shrinking engine analyzes the MSIL code of all input files in order to determine which code entities cannot be reached from a set of given code entry points. These obsolete code fragments (either entire classes or single methods and fields) will then be removed from the obfuscated assembly.
Software Watermarking
Software watermarking is a technique used to protect software from piracy. It is used to discourage a user from illegally redistributing copies of the software. The general idea of software watermarking is very similar to media watermarking in which a unique identifier is embedded in images, audio, or videos through the introduction of errors which are undetectable by human. CliSecure .NET obfuscator watermarks each assembly with a unique identifier that can later be used to identify owners of the software or to track the origin of a pirated copy.
Incremental obfuscation
Incremental obfuscation allows the developer to make changes to the original sources after releasing an obfuscated assembly and then provide a patch to the user that reflects the changes to the original application while preserving the name-mapping used in the original release. In order to accomplish this, a map file must be saved and later used to ensure that the renaming is preserved when making changes and re-releasing the obfuscated assembly.
Application Code Flow Remains Intact
It is essential that an obfuscator keep the functionality of the software totally intact while making the original source code unrecognizable if the obfuscated assembly is decompiled. CliSecure .NET obfuscator ensures that the obfuscated assembly will run the same way as the original assembly.
Configuring your obfuscation process
Obfuscation can introduce issues when reflection API is used in obfuscated assembly. Methods calls that were performed through the usage of reflection API are likely to fail once the application has been obfuscated, this happens since the method has been renamed by the obfuscator, however the call site still refers to the method by its original name. To mitigate these problems, CliSecure .NET obfuscator fully supports Microsoft's declarative obfuscation attributes. These attributes, declared directly in source code, allows the user to define class and method names that shouldn't be renamed.
String encryption
A common attacker will often search deployed assemblies for strings containing keywords such as 'GetLicense' or 'Invalid License'. By locating such strings, hackers attempt to circumvent the license protection embedded in the product that they are hacking. CliSecure .NET obfuscator provides the option of string encryption.
x64 platform support
Supports 32-bit and 64-bit applications
Framework 1.1, 2.0, 3.0, 3.5, 4.0 support
Support all versions of the .NET framework including version 4.0, the framework that ships with windows 7. Our obfuscation tool can be used to protect applications deployed under the .NET Compact Framework. 
Mixed-mode Assemblies Support
CliSecure can obfuscate mixed-mode assemblies.
Debugging
One of the side effects of obfuscation is the difficulty of debugging obfuscated code. Exceptions generated and reported by a user will typically include obfuscated method and class names making it almost impossible to trace back the stack trace in the source code. CliSecure .NET obfuscator generates a clearly labeled map file containing a detailed description of the obfuscated entities and their original names, this information is essential to the user in interpreting debugger output from the obfuscated assembly.
MSBuild and NAnt build Integration
CliSecure integrates with MSBuild and NAnt thus promoting its usage as a part of an entire range of complex build scenarios.


No comments:

Post a Comment