Thursday, January 7, 2010

Protecting dot net application

Months back I posted a blog on a piece of software called Reflector which could easily decompile your .net application and produce a complete source code. It could be a bit of surprise for some of you who may not have known this. Usually what happens is unlike c and c++ applications .net applications are not compiled into binary codes. When you compile an application it is generally compiled into MSIL(Microsoft Intermediate language). All applications created in .net are dependent on CLR(Common language runtime). It is this runtime that executes and interprets your intermediate language and produce a machine level code that can be executed by the computer. So basically this means your application hasn't been fully compiled into machine code. It is compiled into an intermediate language which is interpreted by .net runtimes.

However there are a lot of obfuscating tools available which can be used to obfuscate your application so that a decompiler cannot easily decompile your application. But don't misunderstand obfuscating with compiling. Obfuscating is generally a way to hide your code (rather than compiling the application into machine level code) in such a way that your application cannot be easily decompiled into a complete source code. It usually changes the informations in your assembly in such a way that it becomes unreadable and meaningless to humans even if the decompiler is able to decompile it. The output produced after obfuscation is still another set of assemblies which is functionally the same one to the input application. If you have noticed while installing, visual studio comes with a handy tool called Dotfuscator Community Edition provided by preemptive which can be used to obfuscate your application. However you may need to purchase a full version from primitive solution for more advance obfuscation. There are other tools available as well such as smartassembly which can do preety good job.

This is all i have to say regarding this topic. If you want to learn more you better start googling on this topic and present your view on your own. You can also refer to the links provided below for more information and resources.

Thwart Reverse Engineering of Your Visual Basic .NET or C# Code




Sunday, January 3, 2010

Registry Tweak

Have you ever wondered how come your folder options in explorer doesn't appear even if you are damn sure that your PC is not infected by virus. Have you ever wondered how could you get your run and search menu reappear in your start menu. Have you ever wondered how can you remove applications from add/remove list even though you have uninstalled the program or deleted the application folder manually. Have you ever wondered how can you implement certain level of security in your home PC or workplace such as hiding drives or allow or disallow certain programs to run, so that other's might not jingle-mingle with the computer. Or you still google to search for some freeware to do all of these. If you are then here I am about to quench your quest.

Generally speaking every kind of applications(even windows is a kind of application) maintains a database to store it's data and settings. That's why the settings you changed now will reappear even though you reboot the computer. It's all about storing the data somewhere and using some mechanism to retrieve it from there. This is what every application does if it want's to save the settings that user changed in it.

Microsoft Windows has left us with a way to change those settings as and when required. And that application is called RegistryEditor. It is an easy to use interface provided by Microsoft to change your windows settings. Here you can find a huge amount of informations that can be tweaked as per your necessity. And remember this is the very place where you can tamper somebody's computer and give them unnecessary trouble coz' a single bit that you set in the registry may cause a lot of damage to your OS. And the best thing is, that somebody may be anybody .....even you. Isn't it fun. No .....?............. I knowwwwwwwww, it’s not.

As you may have seen Registry editor maintains different level of keys. The root level of key is My Computer. Under it you can see five different sub keys (HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_CURRENT_CONFIG).


This key consists of general settings for your file system. By file system I mean Drive, Folders and files and by general settings I mean settings such as menus that appear while you right click on your drive or folder or files, configuring those menus to fire some application when they are clicked, changing icon for particular file extension, changing default application for any file extension. Let me explain you with an example.

Ok, let’s try to add a menu to the drive.

  • Open registry editor.
  • Under it find a key named [Drive]. Expand it.
  • Again find another sub key named [Shell]. Expand it.
  • Create a new key under [Shell] key. To do so right click on [Shell] key and then click on New menu then click on key.
  • You can see a new key being created. Right click on the key and then rename it to the desired name you want for your new menu. Let’s say you named it as [Notepad].
  • Now create another sub key and rename it to [Command] under the key named [Notepad]. Remember this name should be [Command] as windows identify it as the place to determine the action to be performed when user click on this menu.
  • Click on [Command] sub key.
  • At the right hand side you can see a default string value being created named [Default].
  • Double click the string value. And change the content to Notepad.exe or the full path of the application you want to execute when any user click on it.
  • Now close the registry editor.
  • Open My computer. Right click on drive. Your new menu will appear on it.

(Note: Remember some settings might require you to log off or restart completely to take effect.)

I guess this sample is enough for you to acknowledge the power of Registry settings.

I’m getting little lazy out here to flourish you with more details and samples. So why don’t you try this Reference and discover it yourself. The tips I have collected are few of what you can do with registry. So do not hesitate to google it yourself for more.

Any way thanx for taking time to read this article. If you like it share this blog with others. And keep bouncing back soon. I like sharing what I learn. You should be doing that too.

click here to download this sample