Skater .NET Obfuscator適合那些希望周期性地混淆.NET產(chǎn)品代碼的用戶。RustemSoft內(nèi)部也在使用Skater，以保證所有RustemSoft .NET可執(zhí)行文件和程序集的安全。命令行版本（運(yùn)行在批量文件模式下）將更方便升級您的預(yù)定產(chǎn)品。先在一個圖形用戶界面版本中為一個程序集分配一些配置，這些配置將在批量混淆文件時使用。

Skater .NET Obfuscator功能介紹 | Skater .NET Obfuscator示例 | Skater .NET Obfuscator各種版本之間的區(qū)別

Skater .NET Obfuscator的主要功能

• 阻止逆向工程。

• 混淆后的應(yīng)用程序一般不能反編譯。

• 可處理任何.NET應(yīng)用程序、可執(zhí)行文件和程序集。

• 可加密常量字符串。

• 兼容于任何.NET框架(1.0, 1.1, 2.0, 3.0, and 3.5)。

• 流量控制混淆可防范反編譯器和反混淆器。

• 可擾亂類名，方法名和字段名等。

• .NET授權(quán)功能。

• 為小的.NET應(yīng)用程序提供.NET代碼擴(kuò)展保護(hù)。

• 在一個dll或者exe文件中加入配置鏈接、鏈接器單元和.NET程序集。

應(yīng)用程序漏洞、偷竊知識產(chǎn)權(quán)和收入損失是現(xiàn)今公司面臨的最大威脅。根據(jù)商業(yè)軟件聯(lián)盟（Business Software Alliance）的數(shù)據(jù)，世界范圍內(nèi)，軟件盜版率達(dá)40%。

代碼混淆可有效地防止未授權(quán)的逆向工程。
任何軟件保護(hù)技術(shù)的主要功能是：檢測盜版行為（破解密碼或者篡改軟件）；這些破解密碼和篡改軟件的行為將使被保護(hù)的軟件降級到無檢測狀態(tài)，軟件保護(hù)技術(shù)還要防止這種降級情況的發(fā)生。

主要的混淆技術(shù)：

• 混淆私有和公共變量的名字
  擾亂類、方法、變量和其他程序集的名字。名字被混淆后，難以對程序集代碼實施反向工程。Skater的一些設(shè)置可生成防止反編譯的名字。

• 字符串加密
  字符串加密功能可對字符串?dāng)?shù)據(jù)類型值進(jìn)行選擇加密。您也可對所有的字符串加密?？梢曰煜承┨厥獾淖址??？梢赃x擇某種加密方法對字符串加密，只有一些特別的字符串將被加密或混淆。

• 控制流混淆
  可阻擋反編譯器和反混淆器。通過打亂.NET方式（功能和程序）代碼，控制流混淆可阻止逆向工程。通過流量控制混淆算法，在程序集中的IL代碼將被打亂，在保護(hù)代碼時還會插入誘餌指示?？刂屏骰煜椒▽嶋H上是將程序集轉(zhuǎn)換為“管道代碼”，黑客和反編譯工具更難入侵。

例子

先寫一段簡單的命令行應(yīng)用程序，然后混淆它。下面兩段程序分別是VB.NET 和 C# 版的"Hello World!"程序（顯示字符串"Hello World!"）。實際上，除了顯示"Hello World!"，它還會顯示今天的日期和當(dāng)下的時間。為了弄清混淆后會有何不同，我們還會加入兩個私有變量。

你可以看到四個高亮的成員名。兩個是私有變量名：today和str. Module1是類名。Main是一個簡單類中的唯一一個方法（method）名?，F(xiàn)在我們開始在.NET環(huán)境中編譯這些簡單的代碼。編譯后，我們可以得到ConsoleApplication1.exe可執(zhí)行文件。這個可執(zhí)行文件中包含什么呢？為什么人們認(rèn)為需要隱藏了.NET中的東西呢？

.NET Framework SDK中有一個反匯編器ILDasm，通過ILDasm，您可將.NET編譯語言反編譯為IL（.NET框架中的中間語言）程序集語言形式。在命令行中運(yùn)行ILDasm，您就可以反編譯ConsoleApplication1.exe。下圖就是反編譯后的代碼。

這些IL腳本是不是很清晰，可以讀懂呢？也許，對于我們這些菜鳥，這些IL代碼確實難懂。但是對于那些真正懂得IL語言的技術(shù)專家，這些.NET源程序是小菜一碟。通過一些更高級的反編譯器將源代碼轉(zhuǎn)換為其他語言，這樣更多人能讀懂您的源代碼。更高級的反編譯器可以將.NET程序集直接反編譯為高級語言，如C#, VB .NET, 或者 C++.

現(xiàn)在，我們通過Skater .NET Obfuscator混淆這段ConsoleApplication1.exe可執(zhí)行文件。在Skater Obfuscator中打開這個exe文件，進(jìn)入用戶界面中的Options，然后選擇在'Naming Conventions'下的'Alpha-Numeric characters'。選擇所有混淆模式下的私人和公共成員。

當(dāng)您運(yùn)行混淆后的ConsoleApplication1.exe時，它的運(yùn)行結(jié)果是一樣的。讓我們看看混淆后，這個簡單的程序里發(fā)生了什么變化。我們需要再次在ILDasm.exe中運(yùn)行這個被混淆后的可執(zhí)行文件（ConsoleApplication1.exe），然后我們可以得到下面IL腳本。

Skater .NET Obfuscator通過阿拉伯?dāng)?shù)字取代成員名，這使得代碼更難理解。但這沒什么了不起，每種混淆器都可以做到。每個人都可以用不同的阿拉伯?dāng)?shù)字取代名稱。ILasm.exe是另外一款.NET Framework SDK編譯器，可以將IL代碼編譯成可執(zhí)行文件代碼。通過它，我們可以將被混淆的IL代碼反編譯成可執(zhí)行文件。Skater .NET Obfuscator可以生成無法反編譯的可執(zhí)行文件。下面是IL腳本。

可以看到，所有的成員名都被'?'代替。很明顯，上面的IL代碼無法編譯，即使編譯成了可執(zhí)行文件也將無法正常運(yùn)行。通過Skater .NET Obfuscator中的一些特殊設(shè)置，很容易得到這樣的IL代碼。只需進(jìn)入混淆器界面中的Options，在'Naming Conventions'.下選擇'?' characters即可。

Skater .NET Obfuscator通過改變字節(jié)碼，將那些有意義的方式名（比如Main()）用隱藏名（比如'?'()）取代。這些新名也稱為亂碼名。雖然反編譯器還是可以將混淆后的字節(jié)代碼反向轉(zhuǎn)換，但是這些沒有意義的亂碼名極大地降低了新生成的源程序代碼的價值，而且代碼很難讀懂。這些亂碼名還有一個好處，當(dāng)長的名字被簡短的名字代替時，編譯代碼的長度也變短了。

混淆成員名只是.NET程序集混淆過程中的第一步。為了更好的保護(hù)您的.NET應(yīng)用程序，您還要使用Skater .NET Obfuscator中的其他功能和算法。

Skater .NET混淆器各種版本之間的區(qū)別比較：

.NET代碼保護(hù)可以防止.NET安裝源代碼進(jìn)行再編譯（沒有改變其功能性），并隱藏.NET代碼的主要部分。對于需要利用.NET代碼保護(hù)功能的.NET程序開發(fā)者，標(biāo)準(zhǔn)版是一實惠的解決方案?；跇?biāo)準(zhǔn)版，軟件開發(fā)者可以：

• 名稱混淆

• 字符串加密

專業(yè)版除了具有標(biāo)準(zhǔn)版的功能外，還增加了字符串加密、控制流混淆和.NET鏈接程序集功能。

終極版為軟件開發(fā)者提供混淆器的所有功能。除了標(biāo)準(zhǔn)版和專業(yè)版的功能外，終極版還提供代碼擴(kuò)展和.NET應(yīng)用程序授權(quán)功能。

If you would like periodically obfuscate your .NET products the Skater .NET Obfuscator is for you. RustemSoft is using the Skater for internal needs securing all RustemSoft .NET executables and assemblies. Its command-line version running in batch mode is much useful for your scheduled products updates. You have to assign settings for an assembly in GUI version first. Then the batch obfuscate task will use the settings.

Main features of Skater .NET Obfuscator

• Prohibits reverse engineering
• Obfuscated application usually is not recompilable
• Processes any .NET application, executable or assembly
• Encrypts string constants
• Compatible with any .NET framework (1.0, 1.1, 2.0, 3.0, and 3.5)
• Control flow obfuscation stops decompilers and deobfuscators
• Scrambles class names, method names, field names etc.
• Provides .NET Licensing features
• Implements .NET Code Extension for small .NET applications protection.
• Implements assemblies linkage; linker unites .NET assemblies into a single dll or exe

Application vulnerabilities, Intellectual Property theft and revenue loss are among the most serious risks facing companies today. According to Business Software Alliance statistics, four out of every ten software programs is pirated in software business, world wide.

Code obfuscation is a form of software protection against unauthorized reverse-engineering.
The chief functions of any software protection technique can be determined as detection of pirate attempts to decipher or tamper software, protection against such attempts and alteration of software to ensure that it functionality degrades in an undetectable manner if the protection fails.

Cardinal obfuscation techniques:

Private and Public members names obfuscation.
It scrambles names of classes, methods, variables, and other assembly members. It makes assembly code reverse engineering much harder by obfuscating names. Some Skater settings allow to generated names that will prevent recompilation.

String encryption.
The string encryption function allows you to select literal values of string data type to be encrypted. You may select all strings to be encrypted. Also you may mark some specific strings to obfuscate. You have choice to apply a cryptography method for the string encryption. Only specified strings will be encrypted /obfuscated.

Control Flow obfuscation intended to stop decompilers and deobfuscators from functioning correctly.
Control Flow obfuscation subdues reverse engineering by scrambling .NET methods (functions and procedures) code. The Control Flow obfuscation algorithm distorts and reorders the IL code in the assembly, inserting bait branch instructions while preserving code semantics. This obfuscating essentially converts assembly method implementations into "spaghetti code", making interpretation by human hackers and decompiler tools much more difficult.

Example

Let's try to write a simple command-line application and then obfuscate it. The following console programs are the VB.NET and C# version of the "Hello World!" program, which displays the string "Hello World!" Actually it is not the traditional "Hello World!" and it displays in addition today's date and current time. We have added couple of private variables to see what happen when we obfuscate them.

You can see four highlighted members' names. Two are private variables' names today and str. Module1 is name of the class. Main is name of method that is single method in the simple class.
Now we are ready to compile the simple code in .NET environment. We may get ConsoleApplication1.exe executable file as a result of compilation. What is inside in the executable? Why do people say we need to hide our .NET stuff?

The .NET Framework SDK ships with a disassembler utility called ILDasm that allows you to decompile .NET assemblies into IL (Intermediate Language) Assembly Language statements. To decompile the ConsoleApplication1.exe file start ILDasm on the command line. Take a look what we got after the decompilation:

Everything looks pretty obvious and understandable in the IL script. Is not it? Right, it is hard to figure out the IL code for us more mortals. So if you are now guessing your .NET source code will be accessible only to a small circle of technical folks who actually know IL Assembly Language, think again. You can take this step further and actually recreate the source code by using some much sophisticated decompilers. These decompilation tools can decompile a .NET assembly directly back to a high level language like C#, VB .NET, or C++.

Ok, we are ready to obfuscate the sample ConsoleApplication1.exe executable by using Skater .NET Obfuscator. Open the exe file in Skater Obfuscator. In the Obfuscator interface go to Options tab and select 'Alpha-Numeric characters' under 'Naming Conventions'. Choose all Private and all Public members obfuscation mode.

When you run the obfuscated ConsoleApplication1.exe it produces the same result. Take a look what changed inside the simple program. We need to run the ILDasm.exe again against the new obfuscated executable and it will give us the following IL script:

Skater .NET Obfuscator just replaced member names with alpha-numeric combinations that makes harder to understand the code. However it is not so big trick and every Obfuscator can do that. Everyone can replace the alpha-numeric char combinations with some eye-friendly names. Moreover, by using ILasm.exe (one more .NET Framework SDK assembler utility that allows you to compile IL code back into an executable) we can easily recompile the obfuscated IL output and it will work without problems.
Skater .NET Obfuscator can generate a non-recompilable executables. See the IL script below.

Sure, the presented above IL code can not be compiled or the compiled executable will not work well. As you can see all member names has the same single '?' character representation. We can get the result by using Skater .NET Obfuscator special settings. In the Obfuscator interface go to Options tab and select '?' characters under 'Naming Conventions'.

Skater .NET Obfuscator changes the bytecodes so that meaningful method names, such as Main(), could be presented as a cryptic names such as '?'(). This renaming is also known as name mangling. Although decompilers can still reverse-engineer obfuscated bytecodes, the meaningless names greatly reduce the value of the generated source code and make the code not understandable. The name mangling also has an interesting side effect: after obfuscation, when wordy, descriptive names are converted to shorter, simpler names, the total size of the compiled code shrinks.

The member names obfuscation is the very first essential step of .NET assembly obfuscation. You need to apply other Skater .NET Obfuscator methods and algorithms to better secure your .NET apps.

Skater .NET obfuscator is available in several editions presented in the table below:

The Standard Edition is an economical solution for .NET developers who need to utilize the .NET code protection that will prevent .NET assembly source code recompilation without changing its functionality and will hide the main points of your .NET code. With the Standard Edition, developers can do:

• Names mangling
• Strings encryption

In addition to options presented in Standard Edition by using the Professional Edition you will be able to implement Strings cryptography, Control Flow obfuscation, and .NET assembly linking.

Skater .NET obfuscator Ultimate Edition is a complete solution for developers who want to use the full gamma of obfuscator's features. In addition to options presented in Standard Edition and Professional Edition by using the Ultimate Edition you will be able to implement Code Extension, and .NET application licensing.