1、需求说明
需求很简单,使用c#开发的程序,编译后产生的dll和exe文件,但是为了被他人反编译盗取源代码,我们需要对开发程序进行混淆操作,防止他人盗看我们的源代码程序,其实混淆处理这一概念不光在这里提到,如果小伙伴们从事爬虫领域工作,也会有同样的问题,为了防止他人怕取网站信息,会对网页内容进行混淆处理,但今天我们主要讲的是Dotfuscator的使用方法,如何对我们的开发程序进行混淆处理,并配合ILSpy反编译工具查看混淆和未混淆后的区别!
2、下载地址
链接:https://pan.baidu.com/s/1ixgAWk9MCn5CsQMlWyGgCw
提取码:dkjk
提示:安装很简单,按着提示下一步就ok,ILSpy不需要安装,解压后即可使用
3、Dotfuscator混淆流程
安装Dotfuscator点击该程序,进入初始界面,选择Create New Pro,点击OK
选择左下侧第一个文件夹图标,选择打开需要进行混淆的文件exe或dll,点击OK
选择文件后会,点击文件展开树状结构,取消Library
点击Settings,将Disable String Encryption设置为NO
选择Settings下的Project Proertiles,添加两个信息(下面截图我只添加了ILASM_v4.0.30319,ILDASM_v4.0.30319和上一个操作相同)
ILASM_v4.0.30319
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exeILDASM_v4.0.30319
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6.2 Tools\ildasm.exe
提示: 在添加ILDASM_v4.0.30319信息的value的时候要根据自己电脑目录下存在的版本进行选择,我的visual studio是2019,所以是v10.0A,低版本可能不是,(v10.0A\bin\NETFX 4.6.2 Tools\ildasm.exe名称存在差异)
添加完毕后,截图如下
提示:如果不添加两条信息,最后在进行混淆的时候会提示错误, Could not find a compatible version of ildasm to run on assembly C:\xxx.dll This assembly was originally built with .NET Framework v4.0.30319
点击rename,勾选文件
选择String Encryption,勾选文件
最后选择保存按钮,选择一个保存的目录
点击绿色三角运行按钮开始混淆,显示Build Finished
提示:被混淆后的exe文件会被存在上一部你保存的文件目录下Dotfuscated文件夹里面
4、混淆比对
我们借助 ILSpy反编译软件对混淆后的exe和未混淆后的exe进行比对,可以看到已经截然不同。
// 混淆过的代码
private int FindIndex(string received)
{
switch (0)
{
case 0:
{
IL_0E:
int result;
while (true)
{
QCHandler.IndexState indexState = QCHandler.IndexState.IndexStateStart;
int num = 0;
int num2 = 3;
while (true)
{
int arg_26A_0;
QCHandler.IndexState arg_157_0;
bool arg_1F2_0;
bool flag2;
bool flag3;
switch (num2)
{
case 0:
num2 = 29;
continue;
case 1:
{
QCHandler.IndexState indexState2;
if (indexState2 != QCHandler.IndexState.IndexStateStart)
{
num2 = 20;
continue;
}
num2 = 23;
continue;
}
case 2:
goto IL_BA;
case 3:
goto IL_215;
case 4:
arg_26A_0 = -1;
goto IL_26A;
case 5:
num2 = 6;
continue;
case 6:
goto IL_BA;
case 7:
if (true)
{
}
num2 = 8;
continue;
case 8:
{
QCHandler.IndexState indexState2;
if (indexState2 != QCHandler.IndexState.IndexStateQuotes)
{
num2 = 0;
continue;
}
bool flag = '"' == received[num];
num2 = 14;
continue;
}
case 9:
goto IL_FF;
case 10:
arg_157_0 = QCHandler.IndexState.IndexStateQuotes;
goto IL_157;
case 11:
if (received.Length > num)
{
num2 = 18;
continue;
}
num2 = 4;
continue;
case 12:
goto IL_145;
case 13:
arg_26A_0 = received.IndexOfAny(new char[]
{
'\n',
';',
'"'
}, num + 1);
goto IL_26A;
case 14:
{
bool flag;
if (flag)
{
num2 = 15;
continue;
}
goto IL_FF;
}
case 15:
indexState = QCHandler.IndexState.IndexStateStart;
num2 = 9;
continue;
case 16:
result = num;
num2 = 28;
continue;
case 17:
arg_1F2_0 = false;
goto IL_1F2;
case 18:
num2 = 13;
continue;
case 19:
num2 = 24;
continue;
case 20:
num2 = 7;
continue;
case 21:
if (!flag2)
{
num2 = 16;
continue;
}
goto IL_215;
case 22:
num2 = 26;
continue;
case 23:
if ('"' != received[num])
{
num2 = 22;
continue;
}
num2 = 10;
continue;
case 24:
arg_1F2_0 = (QCHandler.IndexState.IndexStateDone != indexState);
goto IL_1F2;
case 25:
if (-1 != num)
{
num2 = 19;
continue;
}
num2 = 17;
continue;
case 26:
arg_157_0 = QCHandler.IndexState.IndexStateDone;
goto IL_157;
case 27:
goto IL_145;
case 28:
return result;
case 29:
goto IL_145;
case 30:
{
if (flag3)
{
num2 = 5;
continue;
}
QCHandler.IndexState indexState3 = indexState;
QCHandler.IndexState indexState2 = indexState3;
num2 = 1;
continue;
}
}
break;
IL_BA:
num2 = 25;
continue;
IL_FF:
num2 = 27;
continue;
IL_145:
num2 = 2;
continue;
IL_157:
indexState = arg_157_0;
num2 = 12;
continue;
IL_1F2:
flag2 = arg_1F2_0;
num2 = 21;
continue;
IL_215:
num2 = 11;
continue;
IL_26A:
num = arg_26A_0;
flag3 = (-1 == num);
num2 = 30;
}
}
return result;
}
}
goto IL_0E;
}
// 未混淆代码
private int FindIndex(string received)
{
IndexState indexState = IndexState.IndexStateStart;
int num = 0;
do
{
num = ((received.Length <= num) ? (-1) : received.IndexOfAny(new char[3]
{
'\n',
';',
'"'
}, num + 1));
if (-1 == num)
{
continue;
}
switch (indexState)
{
case IndexState.IndexStateStart:
indexState = (('"' == received[num]) ? IndexState.IndexStateQuotes : IndexState.IndexStateDone);
break;
case IndexState.IndexStateQuotes:
if ('"' == received[num])
{
indexState = IndexState.IndexStateStart;
}
break;
}
}
while (-1 != num && IndexState.IndexStateDone != indexState);
return num;
}
}
提示:ILSpy的使用可以查看该博主https://www.cnblogs.com/sentangle/p/12110739.html博客
5、鸣谢
1.dotfuscator 在混淆.Net Framework 4.0以上版本的时候报错的解决方法
https://blog.csdn.net/winnyrain/article/details/17141331
2.反编译工具ILSpy的使用
https://www.cnblogs.com/sentangle/p/12110739.html
3.dotfuscator的使用