View previous topic :: View next topic |
Author |
Message |
andisa
Joined: 14 Sep 2011 Posts: 5
|
Posted: Fri Oct 21, 2011 9:16 am Post subject: Bootskrap could not run obfuscated assembly |
|
|
To be extra safe we are trying to combine obfuscation using SmartAssembly and .NET Encryptor. The Idea is that on disk the .exe file si not readable when encrypted with .NET Encryptor and when executed it is still difficult to read, no matter the tools used, since it is obfuscated.
Shouldn't that work?
Now it doesn't yet because we get the error below:
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\HotDisk\SourceCode\ApplicationGUI2007\HotBootstrapx86\bin\x86\Debug\TPS.exe', Symbols loaded.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\Microsoft.Net\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.dll', Skipped loading symbols. Module is optimized and the debugger option 'Just My Code' is enabled.
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualStudio.Debugger.Runtime\10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Debugger.Runtime.dll'
'TPS.exe' (Managed (v4.0.30319)): Loaded 'C:\HotDisk\SourceCode\ApplicationGUI2007\HotBootstrapx86\bin\x86\Debug\AssemblyLoader4x86.dll'
Step into: Stepping over non-user code 'AssemblyLoaderx86.AssemblyLoader.ExecuteAssembly'
'TPS.exe' (Managed (v4.0.30319)): Loaded 'Hotdisk'
The program '[5436] TPS.exe: Managed (v4.0.30319)' has exited with code -1073741819 (0xc0000005).
Hotdisk is the obfuscated assembly.
Any clues? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Sun Oct 23, 2011 9:45 pm Post subject: |
|
|
It should work if the executable assembly produced by SmartAssembly is still a standard .NET assembly. The error code you are seeing is not one of ours - it might be coming from SmartAssembly. I assume you have tested running the obfuscated assembly by itself and it is OK?
Are you trying to run this in the debugger? What happens if you comment out the call to CheckProcessIntegrity at the beginning of the Main method in the Bootstrap? _________________ Infralution Support |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Mon Oct 24, 2011 12:49 am Post subject: |
|
|
Another possible thought. The assembly loader starts the main encrypted application by getting the main Assembly.EntryPoint and invoking it via reflection. If the obfsucator is obfuscating the entry point then this would be an issue. Most obfuscators can control which methods are obfuscated so if this is the problem you should be able to turn off obfuscation of the main method. _________________ Infralution Support |
|
Back to top |
|
|
|