Are there any ways to encrypted a project in ASP.NET, so my customers can not change change the function where it checks the license code?
Asked
Active
Viewed 805 times
4 Answers
5
No, it is not possible.
You can implement certain things that make it more difficult for customers to reverse or alter your program, in order such that it becomes cost-prohibitive to attempt such reversing or altering. But you cannot prevent them, if they are sufficiently determined, from reversing or altering your program.
yfeldblum
- 65,165
- 12
- 129
- 169
-
It is not very dangerous if they change the programs my really. This is the talk of CMS and webshop. But I would not want them to resell my products or to provide the further. Therefore, I wish to binne de against domains and license key. As he mentioned a few posts below here, so I could cool if an EXE file has been modified, but the vast majority or get web host does not allow execution of EXE files. And since I do this will be products that will have several vendors to have that product, is not this very well. What do you think is the best solution? – eriksv88 Oct 04 '09 at 08:05
-
You have to balance how much work you put into the deterent vs chances/amount of your losses if they indeed resell your software. I do not have an answer, it really depends on hte nature of you software/business/customer etc. – o.k.w Oct 04 '09 at 08:09
-
My clients are businesses within the webshop for the most part. Within the CMS is the corporate and private customers. It is well to talk about a few hundred customers. – eriksv88 Oct 04 '09 at 08:25
4
Take a look at Eziriz's .NET Reactor. It's pretty good at protection. From ther site:
.NET Reactor prevents decompilation by a variety of methods which convert your .NET assemblies into processes which no existing tool can decompile ( and which are also very likely to prevent decompilation by any future tool). .NET Reactor builds a native code wall between potential hackers and your .NET assemblies by producing a file which cannot be understood directly as CIL. Because the CIL in your assembly is emitted intact only at run time or design time (in a form in which the source is completely inaccessible), no tool is capable of decompiling .NET Reactor protected assemblies.
The native code wall created by .NET Reactor between the hacker and your source includes industry leading NecroBit technology, which is exclusive to .NET Reactor. .NET Reactor's protection has never been broken since the first release in 2004. These technologies make reconstruction of your source code more difficult by so many orders of magnitude that NecroBit is by far the most effective protection you can use for .NET assemblies.
Druid
- 6,423
- 4
- 41
- 56
-
Hey, that's good.. So it takes your MSIL and actually compiles some of it to native code... That would certainly be effective. – David Oct 04 '09 at 08:11
-
Sounds like a good method. Though not 100% bulletproof, the deterence level is pretty high. Good find! – o.k.w Oct 04 '09 at 08:13
-
-
The claims seem rather far-fetched when taken literally. No doubt the tool is a deterrent. – yfeldblum Oct 04 '09 at 15:32
-
Sorry about this, I can't seem to find a way to send a message privately. Do you have any experience with their other product, Intellilock? What's the significant difference other than the native code versus the 100% managed? – Some Canuck Nov 06 '09 at 20:15
1
Not if the customers are persistent and have even a modicum of skill. Obfuscation can only get you so far. Any .Net assembly can be decompiled.
See here for info: https://web.archive.org/web/20210802164013/https://aspnet.4guysfromrolla.com/articles/080404-1.aspx
Added
Also, see this previous question: .NET obfuscation tools/strategy
0
use Dotfuscator Community Edition that ships with VS. Also put checksum function to check if your EXE is changed or not.
Wael Dalloul
- 22,172
- 11
- 48
- 57
-
It's a web app, no EXE. However still do-able by injecting the checksum function into onf of the core independent assembly (if any). – o.k.w Oct 04 '09 at 08:11