Reliability of Anti-Debugging, Anti-Dumping and other protections
From: Stalker. Australia  
Date: 25.06.09 02:03
I've been picking an obfuscator for our company and settled on CodeVeil; by all appearances it's a fairly powerful thing (though expensive), at least compared with the others I found.

Here's what I'm interested in; its documentation has the following information:


Runtime Protection

Anti-Modification
When your assembly is first loaded the executive uses the encrypted version of your assembly as a decryption key to decode key portions of itself. Any unauthorized modifications to the assembly will corrupt this process preventing the assembly from loading properly. No MSIL will ever be decrypted.

Anti-Debugging
When Kill Debuggers is selected in the assembly options, CodeVeil injects additional instructions that will wreak havoc on debuggers that attempt to attach to a veiled process and perform any debugging operations. CodeVeil uses many different anti-debugging techniques — some well known, others designed by XHEO — so that overcoming one block does not expose other portions of the code.
Component developers should carefully consider the use of this option. Using Kill Debuggers will prevent developers using the components from debugging any software that uses the components.

Anti-Tracing
Tracing is a debugging technique used to map execution paths and is used to isolate code involved in performing specific operations. The Anti-Debugging features will prevent tracing of the execution path of the assembly. CodeVeil adds additional code that will execute alternate instruction paths when traced so that the true execution path is not revealed.

Anti-Dumping
One common technique for disassembling encrypted applications is to run the application, then save the in-memory version of the application to disk. The dumped version can then be modified by the hacker and then reloaded in its decrypted state. The CodeVeil decryption system is unique in that the in-memory version of the assembly is almost identical to the encrypted on-disk version. The only changes are those to break the assembly once reloaded. The decrypted code cannot be dumped from memory.

Anti-Profiling
The .NET runtime has special points of entry for profilers that allow them to see and modify assemblies at runtime. When Kill Profilers is selected CodeVeil will prevent the process from loading the veiled assembly and eliminate the threat.

Anti-Reflection
Not strictly a runtime feature, Anti-Reflection is added when the assembly is veiled with Kill Reflectors selected. This junk meta-data will crash or severely impair a .NET disassembly tool such as Reflector and ILDASM from accessing the good meta-data. This can cause problems with 3rd party controls that use reflection to discover properties about your assembly



i.e. it crashes reflectors, debuggers and so on.
I tried opening an obfuscated assembly with Reflector (from Red Gate), and Reflector does indeed throw an error.

I haven't checked the other features or other disassemblers; I'm not a hacker, after all. But I find it hard to believe that the assembly can't be cracked; surely there is software capable of bypassing this kind of protection.
Has anyone dealt with this? How much does the claimed protection actually raise the level of security? Or, with slightly more advanced hacker software (like SoftICE), does all this Anti-Debugging, Anti-Reflection and Anti-Dumping protection get switched off in no time?
 