2

I would like to protect my DLL from being modified with a patcher. I heard that signing the DLL will protect the DLL from modifying the ILCode, but It seems like I can still use a patcher to modify the signed DLLs ilcode.

Any thoughts how can I do It?

DreTaX
  • 760
  • 2
  • 9
  • 22
  • 4
    If I'm not mistaken, if you sign the DLL and someone modifies it, your application should automatically determine that the signature has changed and is not valid – Camilo Terevinto Dec 25 '15 at 18:32
  • you can't really, the only way to prevent the process from being modified is to disable debug permissions. Microsoft does this with the processes for their DRMed content playback. A word of warning... that doing so is very painful to do and not recommended. – Mgetz Dec 25 '15 at 18:33
  • Process? We are talking about a DLL. Does that have to do anything with the ilcode modification? @cFrozenDeath Really? Hmmmm I will try It. – DreTaX Dec 25 '15 at 18:37
  • @DreTaX nope, you can't do anything about that. Moreover the CLI runtime can modify your code as it sees fit for performance reasons. Read the spec. – Mgetz Dec 25 '15 at 18:37
  • @cFrozenDeath that only prevents load, not modification in memory – Mgetz Dec 25 '15 at 18:38
  • Nah nah. I read It on stack under a question that people can modify your code with CIL unless you sign the dll. That way It's impossible to modify a constant value too. – DreTaX Dec 25 '15 at 18:39
  • @Mgetz I don't need MEMORY MODIFICATION protection. I need DLL writing modification protection. – DreTaX Dec 25 '15 at 18:40
  • @DreTaX I think you're missing my point, the IL representation is irrelevant to what gets executed as the runtime needs to JIT anyway. Things like Generic Virtual Methods actually require modification by the runtime to JIT and thus are modified. The loader only checks the *Authenticode* signature on load into memory. After that it could care less. The SxS signature is never checked for performance reasons. – Mgetz Dec 25 '15 at 18:41
  • That's the JIT, but not other people. I'm asking for defensive actions that allows people to modify the il with an application, and write It to a dll. I hope you know how that works. I don't need to care about the afterwards solution. Or is there a way to modify methods and things like that from the memory? – DreTaX Dec 25 '15 at 18:43
  • 3
    Have you read this? http://stackoverflow.com/questions/13346265/how-to-prevent-spoofing-of-dlls-in-net – Camilo Terevinto Dec 25 '15 at 18:45
  • Nah not yet. Wait let me try something. – DreTaX Dec 25 '15 at 18:47
  • @cFrozenDeath You must be right, my application should detect the modified code. It's just a fact that I have already compiled DLLs which are unsigned, and I sign them myself. It looking good, but the reference failes to recognize the dll as It should. https://db.tt/b98lJmor – DreTaX Dec 25 '15 at 18:56
  • @cFrozenDeath Yes, the link It had says It needs me to enable It. https://msdn.microsoft.com/en-us/library/cc713694.aspx I just need a way to add that to the existing exe, you may reply It and I will mark It as an answer. – DreTaX Dec 25 '15 at 19:59
  • You cannot add that to an existing exe/dll, you will need to recompile your application and the libraries you want to protect – Camilo Terevinto Dec 25 '15 at 20:09

1 Answers1

0

How to prevent spoofing of DLLs in .NET

Also, SmartAssembly is able to provide a feature which is able to bypass modification to your ilcode.

"Creates a proxy for calls to methods outside of your assembly to make it hard to find external calls."

Community
  • 1
  • 1
DreTaX
  • 760
  • 2
  • 9
  • 22