混淆是一种方法,但它不能防止破坏应用程序的盗版保护安全性。如何确保应用程序不被篡改,如何确保注册机制不会被逆向工程?

此外,还可以将c#应用程序转换为本机代码,而Xenocode的成本太高。

c#提供了很多特性,是编写代码的理想语言,所以用c++重新编写整个代码库是不可能的。

安全证书可以很容易地从. net中的签名程序集中删除。


当前回答

当涉及到。net时,如果你正在发布Windows窗体应用程序(或任何客户端有可移植可执行文件的应用程序),它就有可能被破解。

如果你想坚持使用。net,并且想把你的源代码被窃取的几率降到最低,那么你可以考虑将它部署为ASP。NET应用程序,而不是使它成为一个Windows窗体应用程序。

其他回答

广义上讲,有三种人。

Those who will not buy your software and resort to cracks, or if they don't find any, not use your software at all. Don't expect to make any money from this group. They rely either on their own skills or on crackers (who tend to prioritize their time depending on your useful and how big your audience is. The more useful, the sooner a crack will be available). The group of legitimate users who will buy (pay for) your software, irrespective of what protection mechanism you use. Don't make life hard for your legitimate users by using an elaborate protection mechanism since they are going to pay for it in any case. A complex protection mechanism can easily spoil the user experience and you don't want this happening to this group. Personally, I'd vote against any hardware solution, which adds to the cost of your software. A minority who will resort to "unethical" cracking and will only pay for your software because its features are protected by a licensing mechanism. You probably don't want to make it exceedingly easy for this group to circumvent your protection. However, all that effort you spend on protecting your software will pay back, depending on how big this group of people is. This entirely depends on the type of software you're building.

根据您所说的,如果您认为有足够多的少数人可以被推动购买您的软件,那么请继续执行某种形式的保护。考虑一下你能从这些少数人身上赚到多少钱,与你花在保护上的时间相比,或者你花在第三方保护API/工具上的钱。

如果您想实现自己的解决方案,那么使用公钥加密是防止容易被黑客攻击的好方法(与对称算法相反)。例如,您可以对您的许可证(序列号或许可证文件)进行数字签名。解决这个问题的唯一方法就是反编译、修改和重新编译代码(你可以使用Simucal回答中建议的技术来增加难度)。

只是补充一个警告:如果你打算使用混淆,检查一切仍然工作!混淆可能会改变类名和方法名。因此,如果你使用反射来调用某些方法和/或类(就像在插件架构中),你的应用程序在混淆后可能会失败。另外,堆栈跟踪对于跟踪错误可能是无用的。

根据我的经验,让你的应用程序或库更难破解会伤害你诚实的客户,而只会稍微延迟那些不诚实的客户。专注于制作一款优秀的,低摩擦的产品,而不是花费大量精力去推迟不可避免的事情。

客户端上运行的任何东西都可以被反编译和破解。混淆只会让它更难。我不了解你的应用程序,但99%的情况下,我认为不值得这么做。

我认为这个话题主要有两个方面。

A) .NET只是反向工程而不是原生的吗?

B)我们是什么类型的程序员?

标题: 保护.NET代码不受逆向工程的影响

我的观点:

Least preference to make commercial application in .NET, because it will expose even your comments on the built binary after decompile. (I don't know what is the logic to include the comments also with binary) So any one can just decompile it, rename/modify/change the look and resell the application in 24 hours. In native application rename/modify/change of look is not possible as easy as one could do in .NET Worried part in .NET is that you could get the whole project with solution from a single binary exe/dll.

想象一下现在的安全状况有多糟糕。 因此,即使是外行也可以轻松地对. net应用程序进行逆向工程。

如果它是本地应用程序,如c++ /VB6/Delphi,只有知道ASM的专家破解者才能修补exe,而不是像。net那样100%逆向工程。

但是现在整个世界都在使用。net,因为用它的高级特性和库很容易做项目。

好消息是,微软似乎在2020年支持。net的本地输出,这将使像我这样的程序员考虑将。net c#作为主要语言。

https://www.codeproject.com/Articles/5262251/Generate-Native-Executable-from-NET-Core-3-1-Proje?msg=5755590#xx5755590xx