.NET Obfuscator Shootout
I’m trying to select an Obfuscator for .NET. If you are writing commercial code and want to know why you should use a code obfuscator, upload your binaries to this site: http://www.remotesoft.com/salamander and see what a decompiler can do to them.
The candidates:
- PreEmptive DotFuscator Community Edition (Free)
- PreEmptive DotFuscator Pro Edition ($1890)
- XHEO CodeVeil ($899)
- Wise Owl Demeanor Enterprise ($799)
- pvlog.com Dotnetprotector Pro (Euro 500 — ~$700)
I’m trying to obfuscate a strong-named dll that will run in the GAC. Here are the preliminary evaluation results:
PreEmptive DotFuscator Community Edition (Free)
PreEmptive DotFuscator Community Edition does not handle strong-named assemblies very well. You have to delay-sign the assembly, run the obfuscator, and then sign the obfuscated assembly. For me, this is unacceptably cumbersome. Next.
PreEmptive DotFuscator Pro Edition ($1890)
Too expensive. Next.
XHEO CodeVeil ($899)
CodeVeil claims to obfuscate and encrypt. Unfortunately, this one crashed on my dll. I sent them a support email.
Wise Owl Demeanor Enterprise ($799)
Trial version only has a command line interface and the docs essentially consist of a man page like in UNIX. Despite the generally Klingon-level of ease-of-use, the tool seems to work. I ran it like this:
c:> demeanor.exe /keyfile:mykeyfile.snk myassembly.dll
When I inspect the obfuscated dll in ildasm, the public entry points are preserved and the private methods are all renamed to “a”. +1 for Demeanor.
When I run the obfuscated dll through the online Salamander decompiler, Salamander can regenerate the source code except that all the method names are “a”. +1 for Demeanor.
PVLog.com Dotnetprotector Pro (Euro 500 — ~$700)
Trial version has a GUI that is easy to use. This program obfuscates and encrypts like CodeVeil. It also seems to have a built in licensing system but I could not figure out how to get it to work.
When I inspect the obfuscated dll in ildasm, the public entry points are preserved and the private methods are all renamed to gibberish. +1 for PVLog.
When I run the obfuscated dll through the online Salamander decompiler, Salamander was not able to regenerate the source code; all the method bodies decompiled to “throw ApplicationException();”. +2 for PVLog.
Summary
Right now PVLog is in the lead with Demeanor second.
January 23rd, 2008 at 11:47 am
You might also want to look at Xenocode, {smartassembly}, and perhaps even .NET Reactor.
August 25th, 2008 at 2:13 am
Hi Chris,
I would invite you to take a look at our .NET protection tool, a tool that goes beyond mere obfuscation. Maxtocode (http://www.maxtocode/). Thank you.
Joe Thong
Maxtocode
http://www.maxtocode.com/