Understanding Obfuscation
Assemblies in .NET contain significant source code details, such as type and member names (even for private types) and instructions written in a high-level intermediate language. Dotfuscator's obfuscation transforms protect against reverse-engineering by removing these details from your assemblies while preserving the application's functionality.
Transforms
Dotfuscator Community offers basic protection with its renaming transform. This transform is aimed at making a human attacker's job harder by removing meaning from the names of types, members, and parameters.
Additional transforms, including those aimed at defeating automated decompilation, are exclusive to Dotfuscator Professional.
Library Mode
Dotfuscator classifies input assemblies into two categories:
Library assembly: This assembly will be referenced by other assemblies not included in the Dotfuscator config.
Non-library assembly: This assembly is either stand-alone or is only referenced by other input assemblies.
Depending on the category of an input, Dotfuscator's transforms behave differently. In Dotfuscator Community, the most relevant difference is that the public types and publicly-accessible members of a library assembly are never renamed, because external assemblies may be referencing those code elements by name.
Inputs are assumed to be library assemblies unless Library Mode is explicitly turned off in the configuration of the input. If an input is not referenced by external assemblies, you may wish to disable Library Mode for that input, to increase the amount of renaming.
Smart Obfuscation
Smart Obfuscation is a feature of Dotfuscator which applies built-in obfuscation rules automatically for known API usage patterns and application types.
For example, if the assemblies use the names of a certain enumeration (via Enum.ToString()
, etc.), Smart Obfuscation will automatically exclude that enumeration's members from renaming, as the names are probably significant to the code or to users.
Sometimes Smart Obfuscation can recognize that an action needs to be taken, but cannot determine what specific action to take because static analysis does not yield enough information. When this happens, Smart Obfuscation issues a warning instead.
When Smart Obfuscation is enabled (which it is by default), building can produce, in addition to normal Build Output, Smart Obfuscation information and warnings. These will be displayed as additional tabs in the lower section of the user interface.
Declarative Obfuscation
In addition to configuring obfuscation transforms through the Dotfuscator user interface, Dotfuscator also obeys configuration specified declaratively in the assembly via standard .NET attributes. This process is known as Declarative Obfuscation.
To enable Declarative Obfuscation:
Annotate your code with obfuscation attributes as appropriate.
Ensure that, for each relevant input assembly, the Honor obfuscation attributes option is enabled.
- We strongly recommend you also enable the Strip obfuscation attributes option, as these attributes are not needed after Dotfuscator has processed the assemblies.
Build your Dotfuscator config.
For instance, consider a method that is known to be called by reflection. If Dotfuscator renames this method, the reflection lookup will cause run time errors.
The ObfuscationAttribute
can be used on this method to indicate that it should be excluded from renaming, as in the following code:
Invoked via Reflection, Excluded from Renaming:
[System.Reflection.Obfuscation(Exclude=true, Feature="renaming")]
public void CalledFromReflection(int someValue) {
When Dotfuscator processes the assemblies produced by this source code, it will exclude the method from renaming, in addition to any exclusions in the config.
Suppress Ildasm Global Option
Newer versions of Visual Studio (15.6+) can decompile assemblies back into C# code.
Dotfuscator can prevent Visual Studio from using this feature on your assemblies by adding the SuppressIldasmAttribute
to all output assemblies.
This will also stop the official .NET disassembler, ildasm
, from operating on your assemblies.
Please note that this attribute only protects against Visual Studio and ildasm
decompilation, and will not affect third-party tools.
You can enable this feature through the Dotfuscator GUI or by passing -suppress:on
to the Dotfuscator CLI.