Reacties op: Code Signing as Reverse Engineering Protection

Door: Anoniem

Anoniem — Tue, 11 Aug 2009 11:56:10 +0000

Thanks, works really great.

Door: Ashley Tate

Ashley Tate — Tue, 18 Nov 2008 17:56:39 +0000

“In conclusion, Iâ€™d say code signing offers no protection against others determined to modify your assemblies.”

Well, that’s because strong signing isn’t intended to prevent reverse engineering or stop people from modifying your assemblies. It exists primarily to prevent secret and malicious changes to redistributable libraries that could be blamed on the original library author.

Door: David Cumps

David Cumps — Tue, 02 Oct 2007 06:59:32 +0000

The ‘Strong Name Remove’ tool does this as well

Door: Sebastien LEBRETON

Sebastien LEBRETON — Tue, 02 Oct 2007 06:42:35 +0000

Be careful, when removing the strong name of an assembly ‘foo.dll’, you need to patch all assemblies referencing ‘foo.dll’ (in order to update the public key token). Your ‘CrackMe’ sample works fine because you are patching the main executable, but if your protection logic was in a class library DLL you have to update both the DLL (removing the strong name) and the EXE (updating the reference).

Door: David Cumps » Reverse Engineering with Reflector and Reflexil

David Cumps » Reverse Engineering with Reflector and Reflexil — Sat, 29 Sep 2007 16:08:57 +0000

[...] Code Signing as Reverse Engineering Protection. [...]

Door: David Cumps » Obfuscation - Making Reverse Engineering Harder

David Cumps » Obfuscation - Making Reverse Engineering Harder — Sat, 29 Sep 2007 15:49:10 +0000

[...] decompile and reverse engineer .NET assemblies using Reflector and Reflexil. I’ve also shown that applying a strong name to your assembly does not protect your code from reverse engineering. So, what else is [...]