Can I make SmartAssembly undetectable in my final DLL?
SpckTX
Posts: 1 New member
I would like to add an extra layer of protection to my .NET project by making sure that if a potential attacker tries to figure out which program was used to obfuscate the binary, they wouldn't be able to do that. The reason I want to do this is because I've seen various decompile-helper tools on different hack forums that were made for specific obfuscators. I get that the obfuscated names aren't recoverable anyways, but I want to make sure that nobody can figure out what programs I've used to protect my code. Or even worse, if SA's source code was leaked ore reverse-engineered (yes, I'm that paranoid) then an attacker might be able to see how the control-flow was obfuscated in my code.
I have noticed that SA adds a few new classes in the "SmartAssembly" namespace to my binary, and also a "Powered by SmartAssembly ..." assembly attribute, but those are pretty trivial to hide or rename. Are there any other traces of SA in the processed dll?
I have noticed that SA adds a few new classes in the "SmartAssembly" namespace to my binary, and also a "Powered by SmartAssembly ..." assembly attribute, but those are pretty trivial to hide or rename. Are there any other traces of SA in the processed dll?
Tagged:
Answers
As you said, some obfuscation methods are irreversible like obfuscating the names. There are also some obfuscation that will be always reversible and we can only make them harder to reverse like obfuscation of strings in the application (we can make it hard to analyse but in the end the application will have to resolve them in run-time, so if the application can get them then any de-obfuscator can simulate what an application will do in run-time and get this string also).
If you are worried then, unfortunately, there is always the possibility of reversing some forms of obfuscation and for .NET applications, for someone that knows what they are doing it is not that hard to analyse even the obfuscated assembly.