3

My EXE will use a DLL for certain validation. I dont have the access to the DLL code, so I tried to decompile the DLL, then create another similar DLL which always return true. Replace the DLL with the newly created and the EXE will able to bypass the validation.

So, i been task to prevent this scenario. Currently, i have the option to encrypt the dll using Confuser. Is that any other method i can take?

Nerdynosaur
  • 1,798
  • 9
  • 32
  • 61
  • 5
    You are trying to prevent some attacker from replacing your DLL with a bad one? A hash or signature of the DLL could prevent this, or rather you could detect that it has happened. – Dave S Aug 05 '19 at 01:52
  • 5
    Couldn't you check the DLL's digital signature (you'd have to sign it, of course)?: [see here](https://stackoverflow.com/questions/28556981/c-sharp-how-to-get-dll-or-exe-files-digital-signer-certificate-info-even-the-c) – ProgrammingLlama Aug 05 '19 at 01:55
  • 2
    I strongly agree with @John. Digital signatures are the way to go. Just look at most of the major Windows system files. The digital signature allows you to know whether an authentic, original Microsoft file has been replaced with one that does not have a trusted signature. – jhilgeman Aug 05 '19 at 02:51
  • Can we not then just patch the signature check in the EXE and load whatever DLL I want? Sounds like a race to the bottom here – Brendan Green Aug 05 '19 at 03:32
  • 1
    @BrendanGreen Well, if you go deep enough down the rabbit hole, your CPU just interprets bytecode, and it can _always_ be manipulated by editing some of these bytes. – Nyerguds Aug 05 '19 at 08:29
  • Assuming you have access to the application source code you could try strong naming your DLL. You can find out more on here https://learn.microsoft.com/en-us/dotnet/framework/app-domains/strong-named-assemblies – user2818985 Aug 05 '19 at 13:39
  • 1
    All you can do is make it harder to tamper with your code, not impossible. If your EXE is also signed and requires admin rights then the UAC prompt will change from the normal prompt to the warning one, but if it is the user who is altering your code they won't be stopped by that. Most games are cracked a day or two after release despite using heavy-handed copy protection libraries like Denuvo – Dave S Aug 05 '19 at 17:09

0 Answers0