| |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
THANK
YOU! FOR CHOOSING TO EVALUATE: "GOLIATH .NET OBFUSCATOR"
VULNERABILITY OF THE OBFUSCATORS
PRESENT IN .NET BUSINESS:
IT WAS NOT CONSIDERED
REALLY THE PROBLEM OF "REVERSE-ENGINEERING OF .NET APPLICATION"
In addition to a possible Decompiler, thanks utility called ILDASM (IL
Disassembler) contained in VS .NET, you can view the MSIL code
contained in an assembly. With some obfuscator of the above,
it is also possible to stop ILDASM. At disassembling, the following
screen appears:...UNTIL TODAY THERE "THE ILLUSION" THAT HE WAS PROPERLY OBFUSCATING YOUR SOFTWARE! As shown, without any "effort"
(... and using *only* free products), it was possible, "analyze and
avoid" the various measures of protection!
The analysis
performed on the current obfuscators emphasized that although the names of the methods,
properties
and variables
have been altered (so as not to understand "immediately" the logic of
the project), a program:
![]() This
technique is absolutely useless! Control
matching data in file is executed from "ILDASM"! An attacker could
*Disassembe
and
Manipulate*, at
will, the executable "ILDASM.exe"
and bypass this type of protection! Cantelmo
Software considered important to mention that fact in order
not to prove to developers, a false sense of security!
VULNERABILITY OF THE "SECURITY
by OBSCURITY" (N.B.: cannot to obfuscate an single .DLL)
To secured the .NET
Code isn't enough only "to hide" one or more
assemblies as "resource files". A static "loader" (...and
badly obfuscated) facilitates an aggressor in the creation of
automatic "unpacker"!
VULNERABILITY OF .NET CRYPTER'S
To secured the .NET Code isn't
enough only "to crypt" Meta-Data, Resources, and Strings.
Obtain the .NET code ("clear") directly from memory, can
"render ineffective," the most modern cryptographic techniques!
FINAL
CONSIDERATION:
Cantelmo Software,
with your products of Security Line "GOLIATH .NET", provides
to the Developers effective tool (LOW PRICE) to protect the
Intellectual Property
of .NET Code
ALL PRODUCTS
SOFTWARE SECURITY LINE "GOLIATH .NET"
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Home
Page
Copyright © 2003-2010 "Cantelmo Software" del Geom. Marcello Cantelmo. All rights reserved • Legal Notes : ::
:
:Microsoft™,
Windows™,
.NET™, and .NET Framework™ sono marchi di Microsoft
Corporation. Tutti gli altri marchi appartengono ai legittimi
proprietari.
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||