PreEmptive Protection - Dotfuscator
Community Edition User Guide

Tamper Check

With the Tamper Check, Dotfuscator injects code that verifies your application's integrity at runtime.

Configuration

Tamper Checks can be added to your code by following the Check configuration instructions, using the InsertTamperCheckAttribute in step 2.

In the output assemblies, whenever a method that was annotated with InsertTamperCheckAttribute is called, the injected code will first check if the assembly has been modified and, if configured, notify the application code of the result. If the Check found a discrepancy, it will transmit Check Telemetry and perform a Check Action, if these are configured.

Supported Application Types

Dotfuscator Community Edition (Dotfuscator CE) can inject Tamper Checks into all .NET assemblies except for the following:

  • .dll assemblies (this restriction does not exist in the Professional Edition)
  • Assemblies that target .NET 1.0
  • Managed C++ assemblies containing native and managed code
  • Multi-module assemblies
  • .NET Compact Framework assemblies
  • Silverlight assemblies
  • Windows Phone assemblies
  • WinRT assemblies
  • Xamarin assemblies

Testing

To test how the Tamper Checks injected into your application react to assembly tampering, Dotfuscator CE includes a command line utility to simulate tampering by modifying the assembly's metadata. It is located in the Dotfuscator CE install directory, the same directory which contains Dotfuscator CE's command line interface:

[VS Install Dir]\Common7\IDE\Extensions\PreEmptiveSolutions\DotfuscatorCE\TamperTester.exe

The utility takes two arguments:

  • The path to the assembly to modify. Required.

  • The directory where the modified version will be written. Optional, defaults to tampered located in the same directory as the assembly to modify.

For instance, to test Tamper Check of an assembly, MyApp.exe, processed by Dotfuscator:

TamperTester example usage

TamperTester.exe c:\code\MyApp\Dotfuscated\MyApp.exe c:\code\MyApp\TamperTesting

This will produce a tampered version of the assembly located in the c:\code\MyApp\TamperTesting directory. (Note that if the MyApp.exe has dependencies on other assemblies not in the Global Assembly Cache, they will need to be copied to this directory.) Then, running c:\code\MyApp\TamperTesting\MyApp.exe will demonstrate how the application reacts to being tampered.



Dotfuscator Version 5.27.0.4713. Copyright © 2017 PreEmptive Solutions, LLC