Microsoft .NET proved a mechanism where the code written in VB.NET, C# or any
CLS compliant languages to generate MSIL (Microsoft Intermediate Language) code
which targets the CLR and executes. This is an excellent mechanism to abstract
the high level code from the underlying hardware.
What gets generated from the source file is a PE (Portable Executable), which
will run on the CLR. Despite the advantages it offers, this mechanism faces a
severe drawback of the MSIL, which can get recompiled to the actual source code.
Microsoft tool ILDASM.EXE adds up to this problem by giving an option to output
an .IL from an assembly, this file contains code resembling the actual source
code hence posing a sever threat to the intellectual property of the company.
Lets understand this problem with an example:
Class1.vb
imports system
Namespace mynamespace
class mclass
shared sub main
console.writeline("hi from main")
end sub
public function SayHi as string
SayHi = "Hi from Function"
end function
end class
end namespace
This code when compiled generates a executable Class1.exe.
vbc Class1.vb
When you fire up ILDASM utility we can get to see the IL code which is read from
the METADATA of the assembly.
To output .IL file from the assembly use the tool ILDASM.
ILDASM Class1.exe /out=Class1.il.
The Class1.il file thus generated looks more then just junk code but a clear
readable code properly structured and resembles the actual source code. This
sample clearly shows the part of IL code generated from Class1.exe assembly. The
methord MAIN which prints "hi from Main" resembles the actual source code.
.method public static void main() il managed.
{
// Code size 11 (0xb)
.maxstack 1
.locals init (class System.Object[] V_0)
IL_0000: ldstr "hi from main"
IL_0005: call void [mscorlib]System.Console::WriteLine(class
System.String)IL_000a: ret
} // end of method mclass::main
Can an IL be reverse-engineered ?
Well, i think u must have guessed by now that reverse engineering code
from IL is fairly straight forward.
Is there a way to protect the assembly from
getting disassembled ?
Well, yes as for now the only methord to protect the assembly is to use
the tool ILASM with the /owner option.
Follow these steps to protect the assembly from getting disassembled.
Step1: Generating IL
ILDASM Class1.exe /out=Class1.il.
Step2: Setting the owner option
ILASM /owner=abc Class1.il.
This will create the assembly Class1.exe with the owner as "abc", not try to
open this assembly with ILDASM utility.
You will get a message saying "Copyrighted Material- can not disassemble".
This assembly can only be viewed by supplying the owner.
ILDASM /owner=abc Class1.exe.
Once the compilers come with the /owner option, protecting the assembly will be
much easier.