OT: Decompilation

  • Thread starter Thread starter Zaph Dante
  • Start date Start date
Z

Zaph Dante

Hello.

I was thinking a lot about moving from VB6 to .NET, and there was
nothing that really hurt me...
Only: I readt that you can decompile .NET almost (or completely?) to its
source code.
If that is true, why do would you develop a software in .NET when your
"enemies" can easily create their own software from your software? Is
there something that I missed?

Thank you very much for a reply.
Zaph.
 
Zaph,

You can go to Australia for free. "As long as you swim". (I assume that you
are not living in Australia looking of your message time).

That is almost the same as decompiling a .Net language, you can clearly see
the ILS, some think that because it looks very much as a C language..

However it is/was forever possible to decompile every program. (As long as
you swim long enough).

Cor
 
Hi Cor,

you are right in saying "As long as you swim long enough".
If you speak x86 "assembly" (x86 in our case, but if you know
one language, then it is no match to move to another cpu), then
it does not matter what language you are diassembling. And
if you know how to work with WinDbg, OllyDbg, WinDasm, etc,
then it is really no Problem to find out, how something works.

Forget about Obfuscators, Optimizers, etc,...


Regards

Kerem

--
 
Ever heard of Lutz Roeder`s reflector ?????

It will decompile anny .Net assembly and show it to you in numerous
languages ( even Delphi )

You could use a obfuscator , however with a .Net language and releasing to
end users you are never 100% safe in contradiction to
VB6 compiled in native code VB6 can be decompiled though however only
if it is compiled in P-Code , if it is compiled in native code with
optimizations on
it is not decompilabale to working code ,, although some people claim it can
be done i have nevers seen it so what i can`t see i wil not believe ( and
for those of you wondering no this does not make me a Atheist ! , i call
myself a Agnotist ) .

Currently i em employed at a companny were i write software for internall
usage , so this is not an issue annymore , however for those of you out
there that need certain parts of there coding shielded , i guess you must
take the risk , or stay as long as it is still possible at VB6 .

Personally i would obfoscuate my code , and write some nice constructs to
send the concurent developer in the woods :-)
Cause once you code in VB.Net or even another .Net language you never want
to go back to a pre .Net language ( yes i feel it is that good )


HTH

Michel
 
True with a slight twist ,, the code shown is not actually the exact code
that you have written however it does have the same logic flow
for instance a select case could have been converted to nested if then
statements string values could be converted to character codes etc etc etc

hth

Michel
 
You mean you would write tens of thousands of lines of just fake code
(or better have it written automatically)?
 
Well i would probably write some ecential parts of the code in such a way
that it is not obvious in what it exactly does , just to make it harder for
anyone to steall my work

,, i am pretty good at this i had some collegues in the past who had access
to my code files who needed my attention to explain them what my code
actually did
so if it is that hard for people who are working in the same company and
have access to the original non obfuscared code how hard would it be in a
obfuscated code file

for instance use encrypted string contstants :-) see the surprise on the
person who sees the result of that after decompiling and even bether if you
used a obfuscator


HTH

Michel
 
Zaph,

"Det is in mijn idee essentieel niet goed om essenties van een programma
niet onderhoudbaar te maken"

This is an example of a string not readable by most people in the world.

However you should never try to make your program unreadable by code. If you
real like obfuscating, then buy an obfuscater.
However, Internet has showed us (where javascript is easy to obfuscate),
that stealing your ideas and rebuilding that better is much simpler.

The latter you cannot hide simple by obfuscating, you have to registrate the
copyright of your original idea.

But then it should really be original and you should not yourself have seen
it somewhere. In my idea is than OOP not really the right tool as it is
build on reusing everytime classes we have got (or inheritting those).

Just my idea about this.

Cor
 
Hi Cor,

"Det is in mijn idee essentieel niet goed om essenties van een programma
niet onderhoudbaar te maken"

Waar!
This is an example of a string not readable by most people in the world.
Click to expand...

Verkeerd!

Cryptography in dutch...........dar kan ik inkomen, een beetje,...

I think i lost all my dutch skills over the years. This happens
when you grew up german, turkish, english, french (nearly
lost all my language skills too) and you dont see any family
from the netherlands any longer,...:-(....(sigh)

Regards

Kerem

--
 
"Det is in mijn idee essentieel niet goed om essenties van een programma
niet onderhoudbaar te maken"
Click to expand...

This is indeed true for my current job position , but if you write
deployable applications for a commercial company , you do not want that
people can easily see your code constructs
ofcourse it can be reverse engineerd by just simply looking at the program ,
but you want it to make them as hard as you possibly can .

To show you what it mean here is a noce article that covers the topic it is
in C# but it can be applyed the same way in VB or in fact anny .Net language
or java

http://jasonhaley.com/blog/archive/2006/06/15/136663.aspx

ofcourse in a development team strong documentation of what you exactly have
done to protect you work is verry essential here

I used Dan Appleman`s obfuscator when i worked for a commercial company ,
it is well documented and it is verry cheap ( you only needed to buy dan`s
e-book at that time )
a team of 4 developers from a customer of ours in Germany who were verry
sceptic about it have tryed to reverse engineer the product we made .

They were unable to get in our database ( wich was our main Goal ) and could
only show minor fractions of the thousands of lines of code the project
holded ( this were coders who new our business )

http://desaware.com/products/books/net/obfuscating/index.aspx


With VB6 they had also tried but came with nothing at all :-)
"Het is in mijn idee essentieel niet goed om essenties van een programma
niet onderhoudbaar te maken"
Click to expand...

then invented someone babelfish ( analogy decompiler )

"It is in my idea essential not well not make natures of a programme
onderhoudbaar"

and although it is not 100% what you wrote annyone with a litle fantasy can
now understand what you have said in dutch
in my opinion the same thing happens when you use a decompiler


This discussion brings back memmory`s of a discussion i once started about a
database that we needed to protect from the concurency , it seems that 99%
of the people active here do not write commercial programs that are released
to end users in a concurent market .

I am happy i have now joined those lucky ones who don`t have to bother about
security of there intelectual rights , ( as i now write inhouse production
software ) as i know from experience how hard this is in .Net from that
point of view Visual studio .Net was a giant leap backwards to VS 6

ofcourse the database part is solved with SQL server annywhere , if you need
a good starting point about this i would recomend Biill Vaughn`s E-Book


Hope to have given some ideas for anyone in desperate need to protect what
is theres



Michel
 
"Het is in mijn idee essentieel niet goed om essenties van een programma
then invented someone babelfish ( analogy decompiler )

"It is in my idea essential not well not make natures of a programme
onderhoudbaar"
Click to expand...

But the Essent was once gone, while it was twice there.

:-)

And because that the majority in this thread understand Dutch

Prettige feestdagen ,

Cor
 
Back
Top