I am building some applications and decided it was time to run my code through an obfuscator. I downloaded and used Eazfuscator.NET and then after installing the application I downloaded Ispy to see just how well the process worked.
What I found was that I could still easily see a lot of the code, for instance most logic on my routines was there in some parts of my background workers. Yes the strings were changed but some poritions which I would consider fairly important were visible.
For instance when I build the application authentication key there are certain items which I attach to the key before I run my encryption. These items were visible in when I used Ispy to view the assembly. The passphrase to my encryption library was concealed, but I feel like this is still more information than I would want someone to be able to see.
My question is - is this normal behavior when using an obfuscator? Or should I be trying other ones?
Use following settings for Eazfuscator.NET to get better results:
[assembly: Obfuscation(Feature = "code control flow obfuscation", Exclude = false)] [assembly: Obfuscation(Feature = "PEVerify", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt symbol names with password mypassword", Exclude = false)] [assembly: Obfuscation(Feature = "encrypt resources [compress]", Exclude = false)]
in your assembly info file