我如何安全地使用混淆器?

时间:2021-08-26 01:26:01

When I attempt to use dotfuscate on my application, I get an application error when I run it.

当我尝试在我的应用程序上使用dotfuscate时,运行时出现应用程序错误。

3 个解决方案

#1


Dotfuscator (and all obfuscators) are typically safe to run on an application, but they do occasionally cause problems. Without specific details of your problem, it's difficult to diagnose.

Dotfuscator(和所有混淆器)通常可以安全地在应用程序上运行,但它们偶尔会导致问题。如果没有问题的具体细节,很难诊断。

However, one common problem with obfuscators is when you mix them with reflection. Since you're changing the type names, but not strings, any time you try to reflect on objects with a specific string name, and use the reflection namespace to construct objects, you'll likely have problems.

但是,混淆器的一个常见问题是当它们与反射混合时。由于您要更改类型名称而不是字符串,因此每次尝试反映具有特定字符串名称的对象,并使用反射命名空间构造对象时,您可能会遇到问题。

#2


Most of the problem I have encountered with obfuscation revolve around types that can't have their name changed, because something needs to reflect on them (your code or the runtime).

我在混淆中遇到的大多数问题都围绕着无法更改其名称的类型,因为需要反映它们(您的代码或运行时)。

for example if you have a class that is being used as a web service proxy, you can't safely obfuscate the class name:

例如,如果您有一个用作Web服务代理的类,则无法安全地模糊类名:

public class MyWebServiceProxy : SoapHttpClientProtocol
{

}

Also some obfuscators can not handle generic methods and classes.

一些混淆器也无法处理泛型方法和类。

The trick is you need to find these types and prevent the obfuscater from renaming them. This is done with the Obfuscation attribute:

诀窍是你需要找到这些类型并防止obfuscater重命名它们。这是通过Obfuscation属性完成的:

[global::System.Reflection.Obfuscation(Exclude=true, Feature="renaming")]

#3


Another thing that can be a problem with obfuscators is serialization using BinaryFormatter, since it changes the field names. I have some users who use protobuf-net for serialization on their obfuscated code for this reason.

混淆器可能存在的另一个问题是使用BinaryFormatter进行序列化,因为它会更改字段名称。由于这个原因,我有一些用户使用protobuf-net对其混淆代码进行序列化。

#1


Dotfuscator (and all obfuscators) are typically safe to run on an application, but they do occasionally cause problems. Without specific details of your problem, it's difficult to diagnose.

Dotfuscator(和所有混淆器)通常可以安全地在应用程序上运行,但它们偶尔会导致问题。如果没有问题的具体细节,很难诊断。

However, one common problem with obfuscators is when you mix them with reflection. Since you're changing the type names, but not strings, any time you try to reflect on objects with a specific string name, and use the reflection namespace to construct objects, you'll likely have problems.

但是,混淆器的一个常见问题是当它们与反射混合时。由于您要更改类型名称而不是字符串,因此每次尝试反映具有特定字符串名称的对象,并使用反射命名空间构造对象时,您可能会遇到问题。

#2


Most of the problem I have encountered with obfuscation revolve around types that can't have their name changed, because something needs to reflect on them (your code or the runtime).

我在混淆中遇到的大多数问题都围绕着无法更改其名称的类型,因为需要反映它们(您的代码或运行时)。

for example if you have a class that is being used as a web service proxy, you can't safely obfuscate the class name:

例如,如果您有一个用作Web服务代理的类,则无法安全地模糊类名:

public class MyWebServiceProxy : SoapHttpClientProtocol
{

}

Also some obfuscators can not handle generic methods and classes.

一些混淆器也无法处理泛型方法和类。

The trick is you need to find these types and prevent the obfuscater from renaming them. This is done with the Obfuscation attribute:

诀窍是你需要找到这些类型并防止obfuscater重命名它们。这是通过Obfuscation属性完成的:

[global::System.Reflection.Obfuscation(Exclude=true, Feature="renaming")]

#3


Another thing that can be a problem with obfuscators is serialization using BinaryFormatter, since it changes the field names. I have some users who use protobuf-net for serialization on their obfuscated code for this reason.

混淆器可能存在的另一个问题是使用BinaryFormatter进行序列化,因为它会更改字段名称。由于这个原因,我有一些用户使用protobuf-net对其混淆代码进行序列化。