Thursday, January 7, 2010
Protecting dot net application
Months back I posted a blog on a piece of software called Reflector which could easily decompile your .net application and produce a complete source code. It could be a bit of surprise for some of you who may not have known this. Usually what happens is unlike c and c++ applications .net applications are not compiled into binary codes. When you compile an application it is generally compiled into MSIL(Microsoft Intermediate language). All applications created in .net are dependent on CLR(Common language runtime). It is this runtime that executes and interprets your intermediate language and produce a machine level code that can be executed by the computer. So basically this means your application hasn't been fully compiled into machine code. It is compiled into an intermediate language which is interpreted by .net runtimes.
However there are a lot of obfuscating tools available which can be used to obfuscate your application so that a decompiler cannot easily decompile your application. But don't misunderstand obfuscating with compiling. Obfuscating is generally a way to hide your code (rather than compiling the application into machine level code) in such a way that your application cannot be easily decompiled into a complete source code. It usually changes the informations in your assembly in such a way that it becomes unreadable and meaningless to humans even if the decompiler is able to decompile it. The output produced after obfuscation is still another set of assemblies which is functionally the same one to the input application. If you have noticed while installing, visual studio comes with a handy tool called Dotfuscator Community Edition provided by preemptive which can be used to obfuscate your application. However you may need to purchase a full version from primitive solution for more advance obfuscation. There are other tools available as well such as smartassembly which can do preety good job.
This is all i have to say regarding this topic. If you want to learn more you better start googling on this topic and present your view on your own. You can also refer to the links provided below for more information and resources.
Thwart Reverse Engineering of Your Visual Basic .NET or C# Code
smartassembly
preemptive
Thanx
Sunday, January 3, 2010
Registry Tweak
Have you ever wondered how come your folder options in explorer doesn't appear even if you are damn sure that your PC is not infected by virus. Have you ever wondered how could you get your run and search menu reappear in your start menu. Have you ever wondered how can you remove applications from add/remove list even though you have uninstalled the program or deleted the application folder manually. Have you ever wondered how can you implement certain level of security in your home PC or workplace such as hiding drives or allow or disallow certain programs to run, so that other's might not jingle-mingle with the computer. Or you still google to search for some freeware to do all of these. If you are then here I am about to quench your quest.
This key consists of general settings for your file system. By file system I mean Drive, Folders and files and by general settings I mean settings such as menus that appear while you right click on your drive or folder or files, configuring those menus to fire some application when they are clicked, changing icon for particular file extension, changing default application for any file extension. Let me explain you with an example.
Ok, let’s try to add a menu to the drive.
- Open registry editor.
- Expand [HKEY_CLASSES_ROOT].
- Under it find a key named [Drive]. Expand it.
- Again find another sub key named [Shell]. Expand it.
- Create a new key under [Shell] key. To do so right click on [Shell] key and then click on New menu then click on key.
- You can see a new key being created. Right click on the key and then rename it to the desired name you want for your new menu. Let’s say you named it as [Notepad].
- Now create another sub key and rename it to [Command] under the key named [Notepad]. Remember this name should be [Command] as windows identify it as the place to determine the action to be performed when user click on this menu.
- Click on [Command] sub key.
- At the right hand side you can see a default string value being created named [Default].
- Double click the string value. And change the content to Notepad.exe or the full path of the application you want to execute when any user click on it.
- Now close the registry editor.
- Open My computer. Right click on drive. Your new menu will appear on it.
(Note: Remember some settings might require you to log off or restart completely to take effect.)
I guess this sample is enough for you to acknowledge the power of Registry settings.