ARTICLE
Protecting IL code from unauthorized disassembling
Tags: .Net, CLR, CLS, how to abstract the high level code, how to protect IL code, ILDASM.EXE, Microsoft Intermediate Language, MSIL, PE, Portable Executable, Protect code from Unauthorized user, Protecting IL Code from Unauthorized Disassembling, Vb.Net
Microsoft .NET proved a mechanism where the code written in VB.NET, C# or any CLS compliant languages to generate MSIL (Microsoft Intermediate Language)code which targets the CLR and executes. This is an excellent mechanism to abstract the high level code from the underlying hardware.
Microsoft .NET proved a mechanism where the code written in VB.NET, C# or any CLS compliant languages to generate MSIL (Microsoft Intermediate Language) code which targets the CLR and executes. This is an excellent mechanism to abstract the high level code from the underlying hardware.
What gets generated from the source file is a PE (Portable Executable), which will run on the CLR. Despite the advantages it offers, this mechanism faces a severe drawback of the MSIL, which can get recompiled to the actual source code.
Microsoft tool ILDASM.EXE adds up to this problem by giving an option to output an .IL from an assembly, this file contains code resembling the actual source code hence posing a sever threat to the intellectual property of the company.
Lets understand this problem with an example:
Class1.vb
imports system
Namespace mynamespace
class mclass
shared sub main
console.writeline("hi from main")
end sub
public function SayHi as string
SayHi = "Hi from Function"
end function
end class
end namespace
This code when compiled generates a executable Class1.exe.
vbc Class1.vb.
When you fire up ILDASM utility we can get to see the IL code which is read from the METADATA of the assembly.
To output .IL file from the assembly use the tool ILDASM.
ILDASM Class1.exe /out=Class1.il.
The Class1.il file thus generated looks more then just junk code but a clear readable code properly structured and resembles the actual source code. This sample clearly shows the part of IL code generated from Class1.exe assembly. The methord MAIN which prints "hi from Main" resembles the actual source code.
.method public static void main() il managed.
{
// Code size 11 (0xb)
.maxstack 1
.locals init (class System.Object[] V_0)
IL_0000: ldstr "hi from main"
IL_0005: call void [mscorlib]System.Console::WriteLine(class System.String)IL_000a: ret
} // end of method mclass::main
Can an IL be reverse-engineered ?
Well, i think u must have guessed by now that reverse engineering code from IL is fairly straight forward.
Is there a way to protect the assembly from getting disassembled ?
Well, yes as for now the only methord to protect the assembly is to use the tool ILASM with the /owner option.
Follow these steps to protect the assembly from getting disassembled.
Step1: Generating IL.
ILDASM Class1.exe /out=Class1.il.
Step2: Setting the owner option.
ILASM /owner=abc Class1.il.
This will create the assembly Class1.exe with the owner as "abc", not try to open this assembly with ILDASM utility.
You will get a message saying "Copyrighted Material- can not disassemble".
This assembly can only be viewed by supplying the owner.
ILDASM /owner=abc Class1.exe.
Once the compilers come with the /owner option, protecting the assembly will be much easier.