It has to be said, I still don't get why so many people seem to want toHuihong said:Yes, you can do this, using the following means:
1. Purchase our linker/native compiler tool.
http://www.remotesoft.com/linker/
It can even natively compile your .exe to x86 code, and runs without
.NET Framework. The resulting package guarantee you the following:
(1) The best performance and best startup time. It beats any
competition.
(2) Simply the best source code protection. All code are in native x86
format. Guaranteed that your code is not able to be reverse engineered.
No other product can achieve this. For more info, check out:
http://www.remotesoft.com/deprotector
2. If you want to do it on your own for free, you can use the following
undocumented features to deploy your app with a subset of Microsoft
.NET Framework included. This is only usefuk for simple windows
application. For complex apps, you will need to implement a virtual
registry system to include some registry setting:
(1) set COMPLUS_InstallRoot environment variable to your appdir. This
is not public API, but it works.
(2) copy the framework directory
c:\windows\microsoft.net\framework\v1.14322, or v2.0.50727 into your
application dir. You can remove unused files by launching your
application
(3) create a local GAC dir inside your application dir, and copy all
GAC assemblies into your local gac.
Huihong
RemoteSoft, Inc.
Huihong said:You are again talking about a different thing. I said the BEST
protection against people to get back the source code from .NET
assemblies.
Let's do this: give me some .NET assembly that you think is better
protected and decrypted at runtime, I will get the source code for you.
In turn, I will give you a native compiled .NET assembly, I bet you
just won't be able to get the source code back. Is this simple?
All you are talking about is to prevent some kind of license key
hacking and cracking piece of the code.
In terms of encrypt and decrypt at runtime, it's nothing to protect
.NET code, may be good for native code. You don't see that the CLR
engine needs to be feeded with IL code, no matter how fancy you do with
the encryption, by the time code is executed, it MUST be in IL code
format. I can easily dump them out at that moment. If that is what you
think the best protection, that's nonsense.
The encryption/decryption/anti-debugging/anti-tracing/memory protection
on top of native code is another layer of protection, but only after
native code is available, which is what exactly our tool does right
now. Without native code, those means don't make sense.
There are so many people claim that native code is as easy decompiled
as Java/.NET, I just don't buy it. It is a totally false statement, and
very deceiving. The scale and easiness of decompilation is so much
different. Give you a 5 MB native exe, you will be overwhelmed by
disassembling, the most one can do is to crack some keys. On the other
hand, give you a 5 MB .NET assembly, one can easily dump out all source
code.
Göran Andersson said:Of course one can't get the source code back. That is impossible as soon
as you compile the code without including debug information. You don't
need to compile it to native code for that.
Huihong said:How? I don't see any way except encryption/decryption to do that.
If you don't compile Java or .NET bytecode to native code, no way to
stop getting source code back. The debug info is not needed at all for
these byte code, since the .NET assemblies and java classes themself
contains everything even if release build with optimization is done.
Huihong said:Are you saying that you can rewrite manualyl to mimic the
functionality? Now, this is very different from our topic on
decompilation. No one can stop you from doing that: rewriting from
scratch after studying a program's behavior and functionality.
As long as highly readable source code can be retrieved, who cares
whether or not the decompiled source code is exactly same as the
original. If you try our .NET Decompiler, you will see how closely a
decompiler can go. Most of the constructs are same after decompilation.
So you agree without native compilation, there is no way to stop people
from getting source code from .NET assemblies (and Java classes, or
other byte code based formats)!
Huihong said:Then show me some example, or list some tools that can automatically
decompile native code to source code, same or even poor quality than C#
assemblies. In pratice, people need to rewrite the program after
cracking some algorithms from naitve compiled code, the scale and
easiness is totally different from decompiling C# and Java. You can't
just claim native code is easily decompilable without any real
substance. If you can use a tool to decompile the simple Notepad.exe in
windows directory, and show me the source code, we will see! I can do
it very easily for even larger C# executable files.
| "Damien said:| It has to be said, I still don't get why so many people seem to want to
| do this. Yes, requiring a 23MB download may seem prohibitively
| expensive... IF your application is the only .NET application installed
| on a users machine. But consider how much space you're saving the user
| if you and 20 other applications all install the bits of .NET framework
| they need as separate copies...
:
Agree. Plus these "compiled" options are much bigger exe's. If everyone
did this, they would end up being bigger then the framework on your HD.