What are the challenges you face when working across database platforms? Take the survey
Options

Can I make SmartAssembly undetectable in my final DLL?

I would like to add an extra layer of protection to my .NET project by making sure that if a potential attacker tries to figure out which program was used to obfuscate the binary, they wouldn't be able to do that. The reason I want to do this is because I've seen various decompile-helper tools on different hack forums that were made for specific obfuscators. I get that the obfuscated names aren't recoverable anyways, but I want to make sure that nobody can figure out what programs I've used to protect my code. Or even worse, if SA's source code was leaked ore reverse-engineered (yes, I'm that paranoid) then an attacker might be able to see how the control-flow was obfuscated in my code.

I have noticed that SA adds a few new classes in the "SmartAssembly" namespace to my binary, and also a "Powered by SmartAssembly ..." assembly attribute, but those are pretty trivial to hide or rename. Are there any other traces of SA in the processed dll?
Tagged:

Answers

  • Options
    The mentioned attribute is the easiest way to detect that it was obfuscated by SA. I think that there will be always some footprint that can track down which obfuscator was used. That's because each obfuscator uses different techniques to obfuscate assembly and because of this, if you analyse the output, the application would be obfuscated in a way that is specific to obfuscator.

    As you said, some obfuscation methods are irreversible like obfuscating the names. There are also some obfuscation that will be always reversible and we can only make them harder to reverse like obfuscation of strings in the application (we can make it hard to analyse but in the end the application will have to resolve them in run-time, so if  the application can get them then any de-obfuscator can simulate what an application will do in run-time and get this string also).

    If you are worried then, unfortunately, there is always the possibility of reversing some forms of obfuscation and for .NET applications, for someone that knows what they are doing it is not that hard to analyse even the obfuscated assembly.

    Have you visited our Help Centre?
Sign In or Register to comment.