Ways to obfuscate c#/silverlight source code

Question

I'm looking for ways to obfuscate the following c#/silverlight source code:

    if (searchBox.Text.Equals("string literal")){
        MessageBox.Show("another string literal");
    }

So far all I can come up with to hide it is encoding the strings as arrays of ascii...

All I want is for the source code to be unreadable, this is for an easter egg. Security is not a priority for me.

I don't want the presence of an easter egg to be known. I'm trying to obfuscate the program flow so it doesn't appear like there is a line of code like

if (specialcase)
    doEasterEgg();

I've seen stuff on like the obfuscated c contest where hello world turns into globbidy gook. Anything similar that people know of for c#?

Let me guess: `"string literal"` is the secret backdoor password? — dtb, Jul 13 '10 at 15:53
@dtb: It looks to me more like it is a search box control... — Mike Atlas, Jul 13 '10 at 16:00
@Mike Atlas: That's just to confuse the reader of the decompiled code. :-) — dtb, Jul 13 '10 at 16:24
Nobody's decompiling, they just do code reviews of the application before it's pushed from the development to production environment. — NickHalden, Jul 20 '10 at 13:08

score 4 · Accepted Answer · edited May 23 '17 at 12:13

What exactly do you want to protect against?

The transmission of the text value of the control to your server? In that case, any "obfuscation" by any non-encryption technique will easily be overcome by a motivated attacker. You should look into encrypting your strings, rather than obfuscating them.
If you're looking to obfuscate your source code itself, you really should let a third party tool handle it. Anything you might invent on your own is likely to be easily reverse-invented.
EDIT: If you just want to hide an Easter Egg, how about using ROT13?
EDIT 2: How about assigning them misleading constants and referencing them in a different static class that is misleadingly named?

.

// in other source file ValidateInput.cs
public const VALID_STRING = "secret";

public class ValidateInput {
    public static bool Validate(string srcText)
    {
         return srcText == VALID_STRING;
    }
    public static void LogicValidSearch()
    {
         return;
    } 
}

//In your main application
if (ValidateInput.Validate(searchBox.Text)) {
    ValidateInput.LogValidSearch();
}

Well I know a bunch of ways to encrypt the string literal, I took a cryptology course. But I don't want anyone to even know there IS an easter egg. So I can't have a line of code that looks like If special case: do easter egg Is there anyway to obfuscate that program flow? For example, something like writing a function and somehow putting it in a dll or anything? I don't actually know what that means but I've heard it tossed around. Thanks — NickHalden, Jul 14 '10 at 18:52
Ah yes, that's more what I was looking for... best answer so far! — NickHalden, Jul 20 '10 at 13:06

score 1 · Answer 2 · answered Jul 13 '10 at 16:07

There's not enough code here to obfuscate effectively. Your only option is hashing the value of "string literal" and encrypting the value of "another string literal". This technique is not safe either because you would have to expose your encryption method.

Ways to obfuscate c#/silverlight source code

2 Answers2