How to install and use obfuscar?

Question

I just finished my C# project(WPF), but now I meet problems on using "obfuscar" (another applicaion would be welcome, if easier to use).

Of course I looked already on internet for it, but didn't find a documentation "for newbies"...

I also tried to use BasicExempleExe provided with obfuscar from github, then some questions remaining :

I see no install file for obfuscar, so already for 1st step I think I missed something?
I see in Example directory a file obfuscar.xml. I understood what is that file for, but I don't see at what level it is called.

Can please some guy be of any help?It is not such a big project I am doing now, but I would like to learn how to do that, and since yesterday I could not understand anything, that's why I finally decided to post here.

http://docs.obfuscar.com/en/latest/tutorials/basics.html The basic example has bee updated. — Lex Li, Sep 03 '17 at 18:19

Lei Yang · Accepted Answer · 2017-05-12T12:22:04.390

51

Download the Obfuscar.Console.exe you can download from Nuget, then unzip obfuscar.versionnumber.nupkg, and find the exe.
Besides exe, create one input folder and one output folder. put BasicExemple.exe into input folder.

Besides exe, create plain text file(config.xml for example), and the contents can be very simple:

<?xml version='1.0'?>
<Obfuscator>
  <Var name="InPath" value=".\input folder name" />
  <Var name="OutPath" value=".\output folder name" />
  <Module file="$(InPath)\BasicExemple.exe" />
</Obfuscator>

Run cmd, cd to exe's directory, then run Obfuscar.Console.exe config.xml
The output folder will contain the processed binary.

edited May 12 '17 at 12:22

answered May 12 '17 at 11:41

Lei Yang

3,970
6
38
59

wow, incredibly easy, great thanks :) 1) didn't know this .nupkg was a zip file, I thought I made a mistake 2) can I do this only for exe, or I can add a line "Module" for my dlls? – Siegfried.V May 12 '17 at 11:52
if you installed some zip application(such as 7z), you can unzip it directly .dll is no different, just replace filename. – Lei Yang May 12 '17 at 11:53
1

I also tried to open obfuscated code with notepad++, but I see lot of variable names are still visible, how can I check if it has been obfuscated? – Siegfried.V May 12 '17 at 11:56
Also great tool thanks, and in fact not all of my variables has been renamed, I guess there are some advanced parameters for Obfuscar(I also read something that it can put all in a block, because here I see structure of program remains the same). – Siegfried.V May 12 '17 at 12:07
i'm also a beginner. if it helped, could you accept as answer – Lei Yang May 12 '17 at 12:22
of course, answer just PER-FECT :) just cannot vote it yet – Siegfried.V May 12 '17 at 12:37
One question plese : obfuscation is working good for .dll files, but when trying to obfuscate my .exe file, it is not working anymore, a friend told me it is not possible to obfuscate a C# project, ca you confirm me that?or is there a way to have some help about it please? – Siegfried.V May 12 '17 at 15:45
so, except .dll files what can I obfuscate? I also tried to obfuscate my class files before compiling(class.cs files), but obfuscator gives an error. Seems I have no choice to make all in class libraries if I want to obfuscate? – Siegfried.V May 13 '17 at 03:06
it can only obfuscate .net assembly(after compiling) – Lei Yang May 13 '17 at 03:15
I decided to test other obfuscators then, Eazfuscator is very good for C# softwares. You just "link it" to VS2015, and obfusscating is automatic when in Release mode. But if you want to commercialize your software, you may pay 400 dollars (it is cheap I think). For now the best option I found, but it seems for C# applications there is no other option to pay for it. – Siegfried.V May 13 '17 at 06:24
commercial software is off topic, and you can ask customer service instead of stack overflow. – Lei Yang May 13 '17 at 07:34
on that point you're right(I didn't even think about it), I already contacted Obfuscar service and waiting an answer, because on another topic it is said we can do it(but didn't explain why).keep U in touch when I can find an issue. – Siegfried.V May 13 '17 at 16:10
1

@Siegfried.V You can use following setting to obfuscate public method names – parag Feb 02 '18 at 05:25
Does anyone get this tool with Xamarin? How do I obfuscate the libraries before the APK is generated? – GeorgeMR Jul 23 '19 at 15:45
Hi, Guys... I've installed through nuget package manager, but no file .exe could found. Help me – Marinpietri Aug 20 '20 at 18:18
Ditto here for "lot of variable names are still visible". – Steve Smith Apr 28 '21 at 13:23
I've set everything to true in obfuscar.xml and now I'm getting string exceptions. When I set almost everything to false it works. – GorgeousPuree Aug 28 '21 at 18:20
This did not work for me. I did exact steps and successfully ended process in Cmd, with no errors. Then I opened project in dotPeek and noticed that It obfuscated only minor things - despite I used a lot of available parameters of Obfuscar. I ended up with following [this video](https://www.youtube.com/watch?v=DRYQIjjke5Y) and used same xml file as before, and result project was correctly obfuscated. – Lucy82 Mar 16 '23 at 14:30

score 31 · Answer 2 · edited Jul 25 '21 at 06:22

I have just created an extended configuration file for Obfuscar and would like to share it.

Full list of available parameters here.

<?xml version='1.0'?>
<Obfuscator>
  <Var name="InPath" value="." />
  <Var name="OutPath" value=".\Obfuscator_Output" />
  <Var name="KeepPublicApi" value="false" />
  <Var name="HidePrivateApi" value="true" />
  <Var name="RenameProperties" value="true" />
  <Var name="RenameEvents" value="true" />
  <Var name="RenameFields" value="true" />
  <Var name="UseUnicodeNames" value="true" />
  <Var name="HideStrings" value="true" />
  <Var name="OptimizeMethods" value="true" />
  <Var name="SuppressIldasm" value="true" />
  <Module file="$(InPath)\MyApplication.exe" />
</Obfuscator>

score 15 · Answer 3 · answered Dec 02 '18 at 17:18

15

I set this up to run on the Post Build event in Visual Studio.

Add Obfuscar NuGet Package to your solution.
Add obfuscar.xml file to your project and change Copy to Output Directory: Always. See the post on this thread by vinsa for an XML sample. I had to include the full path to my project in "InPath" variable. Then the obfucasted folder was under bin/[debug / release].
In the Visual Studio post build events enter: "$(Obfuscar)" obfuscar.xml

answered Dec 02 '18 at 17:18

Elim Garak

1,728
1
16
21

4

I added the line `CD $(TargetDir)` before `"$(Obfuscar)" obfuscar.xml` to make `` work. I think it is due to various drives used. – Gfy Dec 28 '19 at 20:22
if you don't work in `C:` drive. then use the `/d` switch like so: `CD /d $(TargetDir)` – Lenor Apr 05 '20 at 15:07
I tried this. It gives error Renaming: fields...Parameters...Properties...Events...Methods...Types...Done. 1> 1> Unhandled Exception: System.IO.IOException: The process cannot access the file – Gentleman Sep 29 '21 at 10:19

Ignacio · Answer 4 · 2019-02-10T22:14:59.823

In order to use it on a .Net Core 2.1 console app, you can do this:

1 - Install Obfuscar by executing the following command in a console window:

dotnet tool install --global Obfuscar.GlobalTool --version 2.2.18

(you can check the last version here: https://www.nuget.org/packages/Obfuscar.GlobalTool)

2 - Add an XML file to the project you want to obfuscate called obfuscar.xml with the following content (from @vinsa answer):

<?xml version='1.0'?>
<Obfuscator>
<Var name="InPath" value=".\bin\Release\netcoreapp2.1\linux-arm\publish" />
<Var name="OutPath" value="$(InPath)\ReadyForDeployment" />
<Var name="KeepPublicApi" value="false" />
<Var name="HidePrivateApi" value="true" />
<Var name="RenameProperties" value="true" />
<Var name="RenameEvents" value="true" />
<Var name="RenameFields" value="true" />
<Var name="UseUnicodeNames" value="true" />
<Var name="HideStrings" value="true" />
<Var name="OptimizeMethods" value="true" />
<Var name="SuppressIldasm" value="true" />
<Module file="$(InPath)\YourProject.dll" />
</Obfuscator>

3 - Finally, right click on your project, then Properties, Build Events, and in the Post-build event text box add this line:

if $(ConfigurationName) == Release obfuscar.console .\obfuscar.xml

how can i use it with .net core 3.1 on macpro ? I am trying to obfuscate a library ! — kuldeep, Apr 29 '20 at 13:48
@kuldeep as far as I know, it should work well. You can check the official GitHub repo where you can post issues directly to the developer. First, do some tests and if you have an identified bug post a well documented issue there. — Ignacio, Apr 29 '20 at 20:23
how would we target for specific releases in the post build? e.g. `dotnet publish -c Release -r win-x64 -p:PublishSingleFile=true -p:PublishTrimmed=true --self-contained true` win-x64 vs linux-arm64 — lastlink, Sep 29 '20 at 14:02

score 4 · Answer 5 · answered Sep 27 '17 at 10:38

From PowerShell as Administator:

PS> Install-Package Obfuscar

This places the Obfuscar.Console.exe executable in the directory:

C:\Program Files\PackageManagement\NuGet\Packages\Obfuscar.2.2.9\tools

Change the Version number in the directory name accordingly.

score 2 · Answer 6 · answered Mar 12 '21 at 20:40

Had to use these settings for a .NET MVC web app (not core). I was getting default document errors without the changes to Public and Private API variables. Assumes running from NuGet created folder within "packages" at root of solution.

<?xml version='1.0'?>
<Obfuscator>
  <Var name="InPath" value="..\..\..\MyWebApp.WebApp\bin\" />
  <Var name="OutPath" value="..\..\..\MyWebApp.WebApp\bin\obfuscar" />
  <Var name="KeepPublicApi" value="true" /><!--Keep true for web app.-->
  <Var name="HidePrivateApi" value="false" /><!--Keep false for web app.-->
  <Var name="RenameProperties" value="true" />
  <Var name="RenameEvents" value="true" />
  <Var name="RenameFields" value="true" />
  <Var name="UseUnicodeNames" value="true" />
  <Var name="HideStrings" value="true" />
  <Var name="OptimizeMethods" value="true" />
  <Var name="SuppressIldasm" value="true" />
  <Module file="$(InPath)\MyWebApp.DataAccess.dll" />
  <Module file="$(InPath)\MyWebApp.Helpers.dll" />
  <Module file="$(InPath)\MyWebApp.Models.dll" />
  <Module file="$(InPath)\MyWebApp.WebApp.dll" />
</Obfuscator>

afruzan · Answer 7 · 2021-11-01T17:20:50.313

Autmate Obfuscar in Publish procedure

(Tested in .net 5)

Install Obfuscar Global Tool as .Net Tool global or local in your solution/project root:

dotnet new tool-manifest
dotnet tool install --local Obfuscar.GlobalTool

Place obfuscar.xml at your project root. Then add folowing in project file (.csproj)

  <Target Name="Obfuscation" AfterTargets="Build" Condition=" '$(Configuration)' == 'Release'">
    <Exec WorkingDirectory="$(TargetDir)" Command="obfuscar.console $(ProjectDir)obfuscar.xml" />
    <ItemGroup>
      <DistFiles Include="$(OutDir)Obfuscated\**\*.dll; $(OutDir)Obfuscated\**\*.exe" />
      <ResolvedFileToPublish Include="@(DistFiles->'%(FullPath)')" Exclude="@(ResolvedFileToPublish)">
        <RelativePath>%(DistFiles.RecursiveDir)%(DistFiles.Filename)%(DistFiles.Extension)</RelativePath>
      </ResolvedFileToPublish>
    </ItemGroup>
  </Target>

or use ComputeFilesToPublish target (not tested well).

obfuscar.xml file:

<?xml version="1.0" encoding="utf-8" ?>
<Obfuscator>
    <Var name="InPath" value="." />
    <Var name="OutPath" value="$(InPath)\Obfuscated" />
    <AssemblySearchPath path="C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App\5.0.5" />
    <Module file="$(InPath)\dependencyToObfuscate.dll" />
    <Module file="$(InPath)\mylibraryToObfuscate.dll" />
</Obfuscator>

Refer to more about obfuscar configuration file (obfuscar.xml).

Note: this solution does not work for dotnet 5 single file output publish.

Hope be helpful. Thanks to any better Solution for this perpose. I tested this in asp.net core 5 project on windows.

Avon Brown · Answer 8 · 2023-08-11T13:16:37.267

This steps worked for me using the NuGet method:

Add Obfuscar from NuGet Package to your solution.
Add MSBuild.Obfuscar from NuGet Package screenshot
Add Obfuscar.xml file to project root obsfuscar.xml
Change Inpath relative to obfuscar.xml file (.\bin\Release\netstandard2.0)
MSBuild.Obfuscar. target does the rest of creating and moving the file from obsfuscated file. I open the file to understand how MSBuild.Obfuscar.targets does all of the work. loction of MSBuild.Obfuscar.target background task

Sample XML file

<Obfuscator>
    <Var name="InPath" value=".\bin\Release\netstandard2.0\" />
    <Var name="OutPath" value="$(InPath)\obfuscated" />
    <Module file="$(InPath)\someLib.dll">
       <SkipType name=...    skipStringHiding="true" />
    </Module>
   <AssemblySearchPath path="..\someLib\" />
</Obfuscator>

How to install and use obfuscar?

8 Answers8

Linked

Related