PreEmptive Protection - Dotfuscator 4.31
User Guide

Smart Obfuscation

Smart Obfuscation is an ongoing effort to identify and apply obfuscation rules automatically for known API usage patterns and application types.

The current implementation recognizes applications and libraries that use some common technologies and patterns, such as:

  • Windows Presentation Foundation (WPF) (disabled if Transform XAML is enabled for the assembly)
  • Windows Communication Foundation (WCF)
  • Windows Workflow
  • Windows Cardspace
  • Data-bound Windows Forms controls
  • Enumerated type values used as strings
  • Late calls in VB applications
  • Custom Serialization
  • Web Services
  • Silverlight (disabled if Transform XAML is enabled for the assembly)
  • ...and so on

For these application types, Dotfuscator’s Renaming and Removal features can make a best effort to identify cases where renaming or removing elements will break the output application. It then automatically prevents renaming or removal without additional user configuration.

The Smart Obfuscation rules use static analysis to determine what elements should be excluded from renaming or used as removal entry points. When such an item is discovered, the rule issues a notification that displays in the Smart Obfuscation tab. Sometimes a rule can recognize that an action needs to be taken, but cannot determine what specific action to take because static analysis does not yield enough information. When this happens, the rule issues a warning that displays in the Smart Obfuscation tab.

Dotfuscator allows you to turn Smart Obfuscation off. Smart Obfuscation is turned on by default, and in most cases should be left on. It can be turned off in cases where the user believes that more aggressive obfuscation will not hurt the application. There are several ways to turn it off:

  • Changing the <option> setting in the <smartobfuscation> section to disable.
  • From the Project Properties dialog in the Visual Studio UI.
  • From the Settings Tab in the standalone UI.

Dotfuscator allows you to control the verbosity of Smart Obfuscation reporting. You can choose to report all actions and warnings, warnings only, or suppress reporting altogether. There are several ways to set the reporting level:

Dotfuscator allows you to save the Smart Obfuscation report to a file in addition to displaying it. You may instruct Dotfuscator to save the report to a file by specifying a file path in any of the following places:

Dotfuscator automatically renames an existing Smart Obfuscation report with the same name before overwriting it with a new version. If you do not want this behavior, there are several ways to instruct Dotfuscator not to rename existing removal reports before overwriting:

Smart Obfuscation Report

Dotfuscator generates a Smart Obfuscation report in XML format that lists all items flagged by the Smart Obfuscation process. Keep in mind that the contents of the report reflect the Smart Obfuscation reporting verbosity setting - if the verbosity is set to Warnings Only or None, items flagged by Smart Obfuscation may be omitted from the report. Each entry represents one item that was flagged by Smart Obfuscation, and has a description of what the item was and why it was excluded, along with an attribute indicating whether the flag action was a warning or a notification.

The elements of the Smart Obfuscation report are similar to those in the map file and removal report. A few things are noteworthy:

  • The report includes the name of the rule that flagged the item, the identity of the item, the action taken, and the reason for that action.
  • The identity of the flagged item is specified by the type of item (type, method, field, property, etc.) and its full signature.
  • In type names, nested class names are separated from the parent using the / character.
  • Constructors are named .ctor, while static constructors (a.k.a. static initializers, class constructors, etc) are named .cctor.

Dotfuscator Version Copyright © 2017 PreEmptive Solutions, LLC