View previous topic :: View next topic |
Author |
Message |
imcimc
Joined: 03 Jan 2012 Posts: 2
|
Posted: Tue Jan 03, 2012 12:40 pm Post subject: About .NET Encryptor |
|
|
Hello.
I just want to know if it only encrypt the source code or if it prevent debuggers to attach in our softwares too, or both.
Thank you. |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Jan 03, 2012 9:17 pm Post subject: |
|
|
Yes it does both. _________________ Infralution Support |
|
Back to top |
|
|
imcimc
Joined: 03 Jan 2012 Posts: 2
|
Posted: Tue Jan 03, 2012 9:42 pm Post subject: |
|
|
There is a way to test it to check if it really works? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Jan 03, 2012 10:10 pm Post subject: |
|
|
Try building the Release version of one of the sample Bootstrap projects then try to run it under the Debugger. Note that the Debug version of the project does not prevent debuggers. _________________ Infralution Support |
|
Back to top |
|
|
barnacleboy
Joined: 04 Mar 2014 Posts: 2
|
Posted: Tue Mar 04, 2014 3:57 pm Post subject: |
|
|
It works for me when I'm running the program in the debugger from the start of the application. But as soon as the program has passed the CheckProcessIntegrity method I am able to attach any debugger without any problems - tried that successfully with VS Debugger and OllyDbg. So I have to call randomly the CheckProcessIntegrity method to detect if a debugger has attached during runtime? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Tue Mar 04, 2014 11:29 pm Post subject: |
|
|
The anti-debug protection is primarily to prevent someone stepping through the decryption code that loads the assemblies into memory. It doesn't prevent someone attaching a debugger later. _________________ Infralution Support |
|
Back to top |
|
|
barnacleboy
Joined: 04 Mar 2014 Posts: 2
|
Posted: Wed Mar 05, 2014 6:42 am Post subject: |
|
|
Is it possible to dump the decrypted loaded assemblies from memory then? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Wed Mar 05, 2014 6:56 am Post subject: |
|
|
This is always possible with any encryptor product (no matter what their publicity may say). If the code executes on your computer then it is always possible to somehow dump the memory before or after the code runs. It is a matter of how difficult this. .NET Encryptor can detect the more common mechanisms used to dump memory of a process - but not all. We don't use some of the more esoteric anti-dumping/debugging mechanisms because we want .NET Encryptor to be simple, reliable and affordable. Many anti-dumping/debugging techniques introduce bugs (sometimes platform dependant). That's why we provide the option to turn down or off the protection mechanism using the value you pass to CheckProcessIntegrity. .NET Encryptor is like putting locks on your house - it prevents people decompiling your code with easily available tools. No encryption tool can prevent the determined (and skilled) thief as long as the code is executing on your machine. _________________ Infralution Support |
|
Back to top |
|
|
|