Change Log - Version 4.25.0 - Release Date September 29, 2016
- Added a new Debugging Check feature. Dotfuscator can inject code into an application to detect and react to the presence of a managed debugger, at runtime. This feature can be configured by adding the DebuggingCheckAttribute on the Instrumentation screen or via in-code attributes. Telemetry can be enabled via the "Send Debug Check Messages" global option.
- Added a new `Action` property to `DebuggingCheckAttribute` and `InsertTamperCheckAttribute` to control how an instrumented application will react to a detected Debugging Check or Tamper Check. There are four options:
- The default `None` action does nothing.
- The `Exit` action causes the instrumented application to immediately exit.
- The `Exception` action causes the instrumented application to throw an exception.
- The `Hang` action causes the instrumented application to hang the current thread indefinitely.
- Added a new `ActionProbability` property to `DebuggingCheckAttribute` and `InsertTamperCheckAttribute` which determines how likely the specified `Action` is to occur at runtime. Setting this to a value other than the default `1.00` will cause the instrumented application to behave less predictably, confusing attackers.
- A warning is displayed in the Build Output if an `InsertTamperCheckAttribute` (or `DebuggingCheckAttribute`) is configured to do nothing.
- A warning is displayed in the Build Output if Dotfuscator will inject code into a constructor, which may cause runtime errors in certain scenarios.
- Tamper (and Debugging Check) will now send telemetry even if Setup has not yet been called.
- Shelf Life Check telemetry will still only send telemetry if Setup has already been called.
- Increased the level of obfuscation applied to the code Dotfuscator injects into assemblies.
- The `DefaultAction` value for the `ApplicationNotificationSinkElement` property on an `InsertTamperCheckAttribute` is now deprecated. In order to retain the same behavior, please instead set the `ApplicationNotificationSinkElement` to `None` and set the new `Action` property to `Exit`.
- Running `dotfuscator.exe` with no arguments will now display usage information to the command line, instead of opening the Dotfuscator stand-alone UI. If you want to run the Dotfuscator stand-alone UI, run `dotfuscatorUI.exe`.
- The `/g` option is no longer available on `dotfuscator.exe`. If you want to run the Dotfuscator stand-alone UI, run `dotfuscatorUI.exe`.
- Artifacts within a package now display in italics and gray text, consistent with Community Edition's UI.
- Assemblies within a package that were previously configured but are now missing from the package now appear in the Input GUI with a red exclamation point icon.
- Artifacts within a package display their names, instead of their paths within the package (which is redundant with the tree structure they're placed in).
- Fixed an issue where adding `ExceptionTrackAttribute` to an assembly which references WinForms, but not `System.dll`, sometimes resulted in an incorrect `System` assembly reference.
- Fixed an issue where having Control Flow enabled in the Visual Studio Integration UI could cause a `DuplicateKeyException`.
- Added better handling for quoted PublicKey(s) and PublicKeyToken(s) in assemblies.
- Fixed some Xamarin-related issues by adding support for XAML 2009.
- Prevented the commandline version of Dotfuscator (`dotfuscator.exe`) from displaying GUI dialogs.
- Fixed various other minor bugs.