保护。net代码不受逆向工程的影响?

混淆是一种方法，但它不能防止破坏应用程序的盗版保护安全性。如何确保应用程序不被篡改，如何确保注册机制不会被逆向工程?

此外，还可以将c#应用程序转换为本机代码，而Xenocode的成本太高。

c#提供了很多特性，是编写代码的理想语言，所以用c++重新编写整个代码库是不可能的。

安全证书可以很容易地从. net中的签名程序集中删除。

当前回答

如果它是用。net编写并编译为CIL，则可以反映出来。如果安全性是一个问题，并且要避免混淆，那么我建议使用非托管语言编写应用程序，这种语言本质上更难以进行逆向工程。

2009-02-03 08:01:30

其他回答

好吧，你不能完全保护你的产品不被破解，但你可以最大化/增强安全级别，让它有点难以被新手和中级破解者破解。

但请记住，没有什么是不可破解的，只有服务器端的软件受到了很好的保护，无法被破解。无论如何，为了增强应用程序中的安全级别，您可以执行一些简单的步骤来防止某些黑客“不是全部”破解您的应用程序。下面这些步骤会让你抓狂甚至绝望:

Obfuscate your source code, obviously this will make your source code look like a mess and unreadable. Trigger several random checking routines inside your application like every two hours, 24 hours, one day, week, etc. or maybe after every action the user take. Save your released application's MD5 checksum on your server and implement a routine that can check the current file MD5 checksum with the real one on you server side and make it randomly triggered. If the MD5 checksum has been changed that means this copy has been pirated. Now you can just block it or release an update to block it, etc. Try to make a routine that can check if some of your codes (functions, classes, or specific routines) are actually have been modified or altered or even removed. I call it (code integrity check). Use free unknown packers to pack your application. Or, if you have the money, go for commercial solutions such as Thamida or .NET Reactor. Those applications get updated regularly and once a cracker unpack your application, you can just get a new update from those companies and once you get the new update, you just pack your program and release a new update. Release updates regularly and force your customer to download the latest update. Finally make your application very cheap. Don't make it too expensive. Believe me, you will get more happy customers and crackers will just leave your application, because it isn't worth their time to crack a very cheap application.

这些只是防止新手和中级破解者破解应用程序的简单方法。如果您有更多保护应用程序的想法，请不要羞于实现它们。这只会让破解者的生活变得艰难，他们会感到沮丧，最终他们会离开你的应用程序，因为它不值得他们花费时间。

最后，你还需要考虑花时间编写一个好的、高质量的应用程序。不要把时间浪费在编写复杂的安全层上。如果一个优秀的破解者想要破解你的应用程序，无论你做什么，他/她都会做。

现在去实现一些玩具饼干…

2011-06-28 09:40:12

如果您希望人们能够运行您的代码(如果您不希望，那么为什么要首先编写它?)，那么他们的CPU需要能够执行您的代码。为了能够执行代码，CPU需要能够理解它。

由于cpu是愚蠢的，而人类不是，这意味着人类也可以理解代码。

只有一种方法可以确保你的用户不会得到你的代码:不要把你的代码给他们。

这可以通过两种方式实现:软件即服务(SaaS)，即在服务器上运行软件，只允许用户远程访问它。例如，这就是Stack Overflow使用的模型。我很确定Stack Overflow不会混淆他们的代码，但是你不能反编译它。

The other way is the appliance model: instead of giving your users your code, you give them a computer containing the code. This is the model that gaming consoles, most mobile phones and TiVo use. Note that this only works if you "own" the entire execution path: you need to build your own CPU, your own computer, write your own operating system and your own CLI implementation. Then, and only then can you protect your code. (But note that even the tiniest mistake will render all of your protections useless. Microsoft, Apple, Sony, the music industry and the movie industry can attest to that.)

或者，您可以什么都不做，这意味着您的代码将自动受到版权法的保护。

2010-02-21 11:34:57

Use online update to block those unlicensed copies. Verify serial number from different modules of your application and do not use a single function call to do the verification (so that crackers cannot bypass the verification easily). Not only check serial number at startup, do the verification while saving data, do it every Friday evening, do it when user is idle ... Verify application file check sum, store your security check sum in different places. Don't go too far on these kind of tricks, make sure your application never crash/get into malfunction while verifying registration code. Build a useful app for users is much more important than make a unbreakable binary for crackers.