4

Why can we decompile .NET assemblies easily?

What's the main reason we can decompile .NET EXE files easily?

There are much software that I can use to obfuscate my application code, but why does it need to obfuscate for protection? Couldn't Microsoft make it difficult to know basically? May the main reason be that .NET code should turn into IL code? Is this true?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Sajjad
  • 237
  • 3
  • 11
  • 2
    you may want to read [this question](http://stackoverflow.com/questions/506282/protect-net-code-from-reverse-engineering) first – mtijn Oct 04 '11 at 06:44
  • back to the basic question, do you want to lose/expose the code of your applications/techniques/researches to others? Intelligence Property? – Pete Houston Oct 04 '11 at 06:49
  • also it might be an interesting read to you: "CLR via C#" by Jeffrey Richter (ISBN 0735627045). – Dmitry Oct 04 '11 at 06:51
  • Also: note this isn't very different to java; it isn't a question of "couldn't make it difficult" - simply: *that is not the requirement* (and would be a false veneer of security) – Marc Gravell Oct 04 '11 at 06:54
  • Are you sure you aren't asking "why isn't the compiler obfuscating the code a little, for example by stripping the local variable names" or "why even in Release mode my code doesn't seem to be optimized very much?" – xanatos Oct 04 '11 at 06:56
  • 1
    4:09 into this interview with Vance Morrison, a key IL designer: http://channel9.msdn.com/shows/Going+Deep/Vance-Morrison-CLR-Through-the-Years/ – Hans Passant Oct 04 '11 at 07:54

3 Answers3

2

IL code (which is what .NET assemblies contains) is a higher level (virtual) machine language (and much more simpler - stack based only, no registers, etc. as you have in a CPU) than the CPU assembly (x86, ARM, etc.) which is much more low level and not easy (as there are various registers, etc.).

So when the C# compiler compiles to IL code, it is much easier to construct (guess) the original C# code.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Ankur
  • 33,367
  • 2
  • 46
  • 72
1

Why didn't Microsoft do it? Because you can not protect your code against a determined hacker. Like the biggest software provider, they don't make built-in something like this, but they let you have a market of tools where you can choose the most apropriate tool for you based on your needs and pocket size.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Tigran
  • 61,654
  • 8
  • 86
  • 123
0

When you open up a .NET DLL with DotPeek or Reflector you are converting IL back into code in the language of your choice. It is important to visualise this as it won't give you back exactly the same code that was written, just code that would produce the same IL.

Fenton
  • 241,084
  • 71
  • 387
  • 401
  • This IS a little nitpicking :-) You'll probably have code better formatted but without comments. Even on release mode the compiler doesn't introduce many changes. – xanatos Oct 04 '11 at 06:54
  • 1
    There are a few places where it will optimise your code, which often come back looking a bit different. Simple statements don't change very much. – Fenton Oct 04 '11 at 07:02
  • 1
    And sometimes it will just do the completely wrong thing (looking at you Reflector!). – leppie Oct 04 '11 at 07:03