Saturday, March 17, 2007

Another method of protecting your code

I ran across Debasish Bose's post on code protection tools.
He covered some of the protection methods I discussed in my previous post on the subject, and was very excited by .NET Reactor. However, as I wrote in my post, this tool is easily circumvented by patching into the framework and dumping the assembly once it's decrypted in memory.

The most interesting part for me deals with Secureteam's tool, used to encrypt the .Net code, and only decrypt specific sections in memory at any specific point in time, blocking the ability to dump the entire assembly:
"CliSecure protects the IL code stored in your assemblies. During execution the code is handed to the jitter in its decrypted form just before compilation occurs. The CliSecure execution engine assures that your assembly is never fully decrypted in-memory. This makes it impossible to reconstruct your original assembly by using memory dump tools."

No comments: