3

I have written a program in .net C# to encrypt some information.

To accomplish the task I used an array which contains confidential information.I need to know that is it possible to crack the exe.I mean can anybody get the array from the exe file.The array values are not shown in the application.I used community version of Dotfuscator which comes with Visual Studio.NET. All I want to know that is it possible to extract the exe to access the member variables used in it.. ??

Abdur Rahman
  • 657
  • 16
  • 46

2 Answers2

4

Yes, it would be very easy to decompile the application. You might want to install and run Reflector (or a similar equivalent) and see what gets exposed. Fundamentally, if there's sensitive information embedded in the application, it can always be found.

Jon Skeet
  • 1,421,763
  • 867
  • 9,128
  • 9,194
2

Definitely yes, if you didn't encrypt the Exe by using Dotfuscator or any other protection software, the cracker not just can see your array variables, but can return the whole source code of your application.

Wael Dalloul
  • 22,172
  • 11
  • 48
  • 57
  • Nitpick: Dotfuscator et al. provide *obfuscation* (hence the name), not encryption - in the hope that it will make understanding of the decompiled app harder. This is aimed more at program flow than at data structures contained therein. – Piskvor left the building Dec 13 '11 at 10:51
  • @Nitpick: you are right, it should be obfuscation:), but keep in mind encryption for string is one of the features provided by Dotfuscator. – Wael Dalloul Dec 13 '11 at 10:56
  • Well yes - but to keep the strings usable, Dotfuscator needs to insert the decryption code into the resulting application - which brings it back to "even more obfuscation". (I don't think that we're actually in disagreement) – Piskvor left the building Dec 13 '11 at 11:49