Support Corner: Protecting Self-Contained and Single-File .NET Projects

PreEmptive has closely followed the evolution of .NET Core since its inception, adapting alongside its many changes. One significant shift introduced by .NET Core is the new methods of publishing and deploying projects. These include self-contained and single-file deployments, which simplify the distribution and execution of applications.

Understanding Self-Contained and Single-File Deployments

  • Self-Contained Deployments: These deployments package all necessary dependencies within the application, allowing it to operate independently of installed frameworks.
  • Single-File Deployments: Similar to self-contained deployments, this method compresses all dependencies into a single executable file, further simplifying distribution.

Common Challenges with Protection

When attempting to load a self-contained or single-file executable, Dotfuscator will present an “Invalid Input Assembly” error. This issue arises because these executable files comprise managed and unmanaged components, whereas Dotfuscator is designed to expect only managed components as input.

AD 4nXdTvtRxY7Ytk566PjIXAcmSY3HP4i7fk7omHQfcCioDOW3sEPLlrAq2qAwyzDS4u MjEYm6RputgKUyUB8oTkp8TUx5Kacn4PhQDqNrBGtsR2QjaTtTxHQt3wVUgn5GrDrXjaePDD1mjTUHzIlyjh8e7ODX8WkNLiGrlAo4s DlZSx3VfDIwQ?key=g68ftC wZHMaDacX V3FsA

The same type of error can also appear when using the command-line interface:

AD 4nXf3b C67inGiDzfr9ijdZD13d4gsQ15Z0xN zu1pUrT4iFDeFqZQKNZN gyyB9VsIoTD20oYK0eSfqgydHoIfnh0WEDH1tkC L074Q95nnqNxezKUg4zoe8zHr8HQ2LQKAj sBPJxVvTvb7 vF7eaOZzLHEfAepS tgJ59rsWeo4MVNnxGytA?key=g68ftC wZHMaDacX V3FsA

Protecting Your Deployments

Despite these challenges, we still need to protect these files. Managed components, which are extracted during installation, are vulnerable to being decompiled, hacked, or reverse-engineered once they are on the end-user’s device.

Integrating Dotfuscator in the Visual Studio Project File

By integrating Dotfuscator directly into the Visual Studio project file, Dotfuscator runs a build task, protecting the MSIL (Microsoft Intermediate Language) before the application is packaged for deployment. This works whether you are deploying as self-contained, single-file, or another format.

AD 4nXdyN0Bm37nXGBtUy3mW7FTBj8SOVgYWHb8oVx9wCmdC8pWllG1QC6XH1nDG1dcvCtJlAsis3373uQfxQR9Y8bpm8xgItk55efNqKlJ5LqhzEU6Z1j88j4TO4dmjdAx5kStN29vq2B1ISqDrl HjyvKQbNz11VOXx8TSiD4BLZXSAPujI8rrx38?key=g68ftC wZHMaDacX V3FsA

By integrating into the project file, Dotfuscator runs a build task to protect MSIL before packaging it for deployment.  This works whether deploying as self-contained, single-file, or otherwise.  

.NET Core and Cross-Platform Advancements

NET Core has marked one of the most significant advancements in the history of .NET, enabling the development of fully cross-platform applications. This was a considerable leap, given that previously, .NET applications were primarily confined to Windows. PreEmptive continues to support these evolving deployment methods as part of our commitment to enhancing the security of .NET applications across all platforms.

Feedback? We Want to Hear From You

If you have feedback on this topic or suggestions for future topics in the Support Corner, please do not hesitate to contact our Support team. We value your insights and look forward to enhancing our services based on your needs.