Decompiling a vb.net application - vb.net

I don't know if this is the correct place to post this question, so sorry if it is in the incorrect place.
Question:
How easy is it for a third-party person to decompile my vb.net application? I mean is it even possible?
For example, I have an .exe, would someone just put that .exe into a decompiler and... BAAM!!, they can see all the code? Speaking of code, when compiling, does the code get encrypted? If not, is there a way to encrypt the code?
I have used SWF decompiler to decompile a .SWF to .FLA, and to decompile an SWF is really really easy with this tool. Would it be this easy to decompile an .exe?
Thanks.

Yes. You can decompile your code very easily. .Net Reflector is an excellent tool to do exactly as you describe.
Imagine if you encrypted the code. The runtime on the users computer would still need to decrpyt it to understand it.
Best you could do would be to obfuscate your code.

.net reflector is not free anymore, I recommend telerik JustDecompile, free and very easy to use, a great tool http://www.telerik.com/products/decompiler.aspx . It's able to decompile everything the way you described

Related

Alternatives for Using MATLAB Files and Deploying Them into DLL's

I have some source code for the BaNa Noise Resilient Pitch Detection Algorithm downloaded here, and I am planning to use the code they provided as a library for a mobile app I'm making. It's written in Objective-C for MATLAB and so I'd probably need to deploy it to a DLL to be able to use it for external applications.
The only thing is that I'm a student, and I don't really have the funds to purchase MATLAB just to be able to work with this algorithm, and so I'm downloading Octave, which was a suggested alternative. This should be able to make working and editing the code for my research possible, but my concern is if I can deploy the code into usable libraries for the application in which I'm going to make using the Unity Game Engine.
I'm not sure if the direction I'm going at will bring me to a dead-end or not, so I'd like to ask for insights regarding this.
What I have now:
1) Source code in MATLAB (.m files)
2) Octave (currently downloading, I'm not even sure if it has the built-in methods I need)
What I plan to do:
1) Use Octave to edit code and test out if the code I have works
2) Deploy it to a DLL file (Is this even possible with Octave?)
3) Use that DLL in Unity3D
Would you guys have any suggestions, alternative workarounds, or foreseeable problems I may encounter with this? Any advice would be greatly appreciated.
Thank you in advance,
Justin
Depending on what functionality from MATLAB (and especially toolboxes), the code should run just fine in Octave, maybe with some minor modifications. If however, the code relies heavily on some toolbox functionality that has not been implemented in Octave, then you have a fair amount of recoding to do.
There is not easy way that I know of to generate a DLL from Octave. Having said that, have a look at How do I create a simple Octave distributable without installing Octave and this section of the Octave documentation on the subject of generating standalone programs from Octave, it might point you in the right direction.

Using Eazfuscator but code can still be read from the assemblies?

I am trying to protect my dll from disassemblers.
I am using "Eazfuscator.NET Assistant" as dll encryption tool. but after that the Reflector still can read the source code. is it anything i need to do before using Eazfuscator or after? or can anybody can introduce me a free encryption tools which it is can help me to encrypt my source code?
Thank you very much.
You can consider .Net Reactor it works for me.
You can try code obfuscators. Also you can try to pack your dll with software like UPX. Although it could be disassembled it will be much harder do understand what's going on in the assembly.
There are some more techniques like:
Adding garbage code, which can confuse anyone reading disassembly.
Adding breakpoint detection code.
Adding self modifying code.
Doing PEB structure checks.

Source Code Protection

When you compile a program to publish with Visual Studio 2010, does that have any advanced methods to keep your program being decompiled to source code? Are there any methods you would use to encrypt yoursource code before compiling?
Visual Studio by default does not apply any form of enhancements nor modify the compiled binaries other than chosen optimization setting.
There are however protectors you can make use of.
Remember UPX?
Well upx is still a very viable method of encrypting your binaries altough of course it all depends on your needs.
No, there's really no way to prevent a managed assembly from being decompiled back into source code. The best you can hope for is obfuscation, which can do quite a good job of making the decompiled code hard to understand.
VS 2010 comes with Dotfuscator community edition which will obfuscate your code to a point making it harder to read once decompiled. The only real choice is to encrypt your code if you need the absolute best security. You might want to check out the paid edition http://www.preemptive.com/products/dotfuscator/overview to see if it suits your needs and budget
You can use obfuscators which employ various techniques like class/method name renaming, string encryption, method call hiding, etc. Even if someone were to view your code in a disassembler, he would not be able to make any sense out of it.
DISCLAIMER: I work for LogicNP Software, the developers of Crypto Obfuscator
VS and any other good compiler make optimalizations. Solely these optimalizations are often enough to make your application resist reverse engineering attempts.
This will not encrypt constants in your program so mypass will still be found as mypass in the binary. You need an encryption program for that.
Alas I have no idea what the good and bad encryption programs are for binaries so I won't suggest any.
Best protectors are confuser ,engima and themida
Wibu Systems offers a solution that encrypt the binary files which will preventing reverse engineering.
https://www.wibu.com/uk/products/protectionsuite/axprotector-ip-protection.html

How to decompile an exe or a dll to assembly

I am really interested in assembly language and I want to learn about how exe files work how dlls run etc... and I have an idea of writing an application to decompile an exe to assembly code since i am not a very good assembly programmer and with the lack of knowledge of the inner working of exe I couldn't do it. Since I can read an exe in hex i think it is not impossible but I don't know how to write my own program. Any resources or any help would be appreciated.
I think you're looking for a disassembler not a decompiler. IDA pro seems to be popular and you can download an older version for free at http://www.hex-rays.com/idapro/idadownfreeware.htm
There are a lot of dissemblers already written for you (see above), but I don't think reading disassembled code is going to help you become a better assembly writer. The main reason for this is that compilers do A LOT of optimization before they generate assemblies. Often this makes for very tricky code to read but highly efficient code to analyze.
If you're interested in what a compiled program looks like at the a assembler level a much more meaningful approach would be compile and look at the generated assembly. For example with gcc/g++ this just requires gcc -c -S filename.c and will leave a clear text assembly file to look at.
Take a look at this Decompilation Wiki, I suspect it will answer most of your questions.

Location of VB.NET "source" code, similar to Java's JDK src.zip

Does VB.NET have anything similar to Java's JDK source code? When I used to work in Eclipse, I could right click and view the generated code, or "look under-the-hood" so to speak. I found this feature very helpful in understanding what was happening behind the scenes, and it helped me to write better, more simplified code.
I have so far been working with Visual Studio 2010's Object Browser, and I have also been looking at the generated designer files, but these often do not drill down far enough.
The best program to do this is called .NET Reflector and you can download it from here: http://www.red-gate.com/products/reflector/
It lets you see executables and DLL's under the hood
ScottGu has an old blog post about this:
http://weblogs.asp.net/scottgu/archive/2008/01/16/net-framework-library-source-code-now-available.aspx
You can also use the .NET Reflector to peek into the code for any .NET dll, but keep in mind it won't look like the code in Visual Studio :)
http://www.red-gate.com/products/reflector/