Protection of .NET assembly code. CodeProtect.exe

Code protection allows for automatic removal of its portion from the protected application and addressing it only as requested upon execution. Any addressing of the code’s secured location first initiates the availability of the dongle, and only upon positive verification, further decryption of the protected code.

The code of each method of the protected application has its unique strings, independent from all other code, binding it to the dongle. This approach significantly complicates regressive analysis and implements a unique sequence of calls based on the dataflow graph of the protected application execution.

EXE protection 

The protected executable file remains a Managed-assembly, but the main part of its code is transferred to a Native-DLL of a special type, which becomes the code’s secure storage location:

1. In the process of execution there are calls made to the protected method, after which the stub’s code is addressed
2. The stub initiates the execution of the code contained in the secure storage location against the addressed method
3. The protected code is executed

DLL protection

When protecting dynamic DLL-libraries for the .NET platform a similar approach is used to the one used for protecting executable files, but taking into account the specifics of using the code library. In the process of protecting the original DLL library, the MSIL-code is deleted and its place is taken by the calls of special method stubs. In this way, after protection what’s left from the original DLL-library is simply the code with calls to the method stubs. Such an approach to protection allows saving the operating capacity of the principles of interaction with the protected library: reference links can still be added from other .NET assemblies and it still has the status of a Managedassembly. Upon protecting a DLL assembly it is not necessary to make any changes in the code that already uses the protected library, since method stubs will assume all the work for rerouting calls to the code’s secure storage location. 

1. Executable file addresses the method from the protected library
2. Stub’s code is called upon addressing the protected method
3. The stub initiates the execution of code from the secured location against the addressed method
4. Protected code is executed.

• Protection of executable .NET-files code
• Protection of dynamic .NET-libraries code
• Fine-tuning of protection parameters using the configuration file

To ensure application protection the following files need to be placed in one folder:

The presence of the following files in one folder is required to ensure operation of the protected application:

Connect a dongle of the required type to the computer before initiating the protection process.

CodeProtect.exe: call format:

CodeProtect.exe [general options] [individual options] [file1.ext] [@file2.ext]

Or:

CodeProtect.exe [general options] [file1 individual options] [file1.ext] [file2 individual options] [file2.ext] … [fileN individual options] [fileN.ext]

Indicate the required protection parameters at the command prompt and push [Enter]. The utility will proceed with protection, generating the required messages in the process. Upon completion of protection, the utility will terminate its operation. The protection process can be paused at any moment by pressing Esc.

CodeProtect.exe options (as well as obfuscator options) are divided into general and individual. , see details in General and individual obfuscation options.