-1

I'm trying to create a piece of software that allows the user to login and stream a byte[] of a dll to be used for injection. For example

public static byte[] getDLL()
{
    using (WebClient wc = new WebClient())
    {
        Uri url = new Uri("http://mysite/dll.dll");
        return wc.DownloadData(url);
    }
}

I successfully managed to make this in C# using visual studio. However you can easily decompile the program and make it create the dll at a specific location on your computer therefore leaking it. And there's pretty much no way that I can prevent this.

Would I be better of using a language that's harder to decompile like say C++ or C for example or am I just going to run into the same problem what ever language I use? And is it really worth the effort.

Wai Ha Lee
  • 8,598
  • 83
  • 57
  • 92
Ben Urquhart
  • 25
  • 3
  • 2
    Any software that runs on a user's machine can be decompiled/hacked/etc by the user if they have sufficient knowledge and motivation. You can make it harder, but not impossible. – TheUndeadFish Oct 17 '15 at 05:42
  • What do you mean by steam a byte[] of a DLL? Load the DLL and get a byte array out of it? Your concern is that someone replaces the DLL with a different one returning different bytes? Perhaps the solution you are looking for is code-signing that way you know the DLL you load is yours. The other potential meaning I imagine is that you are concerned with someone else opening your DLL and getting the data out without going through your frontend application. The fix for this would be a measure of obfuscation plus a handshake between application and DLL with non-repeating negotiation. The DRM prob. – harningt Oct 17 '15 at 05:48
  • Hi harningt thanks for your response. I updated the post with a code snippet to hopefully show what I mean. I'm using the byte[] from the dll that's downloaded to inject into a process. – Ben Urquhart Oct 17 '15 at 06:05
  • What is your goal in hiding the DLL from being seen? If you want to prevent users from seeing it, then as mentioned, there is nothing that will truly accomplish that. If you just want to prevent competitors from using your DLL, then instead of technical restrictions, consider legal restrictions. –  Oct 17 '15 at 09:55

2 Answers2

2

You can't prevent decompiling anything, neither C# nor C++ or anything else.
Languages like C++ require more manual work compared to eg. C#, and obfuscators can make it harder to understand the code, but everything just slows down the one doing it, instead of preventing it.
(And stuff like DLLs and encryption won't help at all for securing the code)

If it is a problem that some user of the program can see the full code, you're doing something wrong. Any secret like passwords etc. don't belong in files the user gets, but on some server controlled by you and only reachable for the user through network connections etc.

deviantfan
  • 11,268
  • 3
  • 32
  • 49
-2

I'm not very clear about the first paragraph of your question.But here is some idea for you.

Simply De-compiling is not an issue, if outsiders cant use generated code to hijack your assembly.

As my understanding there are plenty of tools to "reasonable de-compile" or browse the .NET assemblies content. If you use C++ or C, there are de-compilers, The source code are generated by them are not accurate and need lot of manual works.

Secondly if you used native language such as C or C++ those has plenty of vulnerabilities. you have to use all the good practices to avoid injecting kind of issues. https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637

There are tools for avoid de-compilation. you can google Obfuscator. some famous are Dotfuscator, Secure Team.

And also you can think about the project architecture changes. such as including DLL code in to the main EXE etc...

Also you can use key generation mechanism to verify the DLL. Just after loading the DLL exe call common function in the DLL and get the one time key and verify.

Nayana Adassuriya
  • 23,596
  • 30
  • 104
  • 147