Microsoft SLPS (Part 1)

Published 16 April 08 11:17 AM | adrian

Decompiling means converting a program back to the original source code. Previously, decompilation is difficult because you need to understand assembly (which is the least human readable language). Assembly code is translated into machine language (readable by CPU) by the operating system. In .NET, this is not the case. Decompiling is easy.

.NET Compilation

Before we jump into how to decompile, we need to undestand compilation first. In .NET, compilation means converting from .NET language (Visual Basic or C#) to MSIL (Microsoft Intermediate Language).

image

DLL and EXE file you distribute will contain MSIL. When run, the .NET runtime will do another set of compilation before execution (that's why it's called Just-In-Time Compilation) to the platform's assembly language. The assembly language then sent to the platform's operating system.

This means, one set of DLL and EXE file can be run on multiple platform without changes, since translation to the platform's instructions are done after distribution or just before execution. The .NET runtime is also called virtual machine, since it acts as an intermediate machine.

The bad thing is, since the compilation does not generate assembly language, instead a standardized intermediate language, someone can easily take this and translate it back to the original source code with little difficulty.

.NET Decompiler

In fact, the .NET Software Development Kit includes a tool to help you open up the DLL and EXE file to retrieve the MSIL code. This tool is called ildasm.exe (IL De-Assembler). For example, we will decompile a simple Hello World application.

  1. Run ildasm tool. This tool is included with all Windows SDK distribution. You can run it from the Start Menu > Programs > Microsoft Windows SDK [version] > Tools > IL Disassembler.
  2. Once the window is opened, drag and drop the file you want to disassemble. You can use the attached HelloWorld.exe file or any .NET assembly.image
  3. To see the IL code, just double click on any method. For this demo, you can double click on Main to see how the console application retrieves the current user name.

    .method private hidebysig static void  Main(string[] args) cil managed
    {
      .entrypoint
      // Code size       29 (0x1d)
      .maxstack  8
      IL_0000:  nop
      IL_0001:  ldstr      "Hello {0}!"
      IL_0006:  call       string [mscorlib]System.Environment::get_UserName()
      IL_000b:  call       string [mscorlib]System.String::Format(string,
                                                                  object)
      IL_0010:  call       void [mscorlib]System.Console::WriteLine(string)
      IL_0015:  nop
      IL_0016:  call       string [mscorlib]System.Console::ReadLine()
      IL_001b:  pop
      IL_001c:  ret
    } // end of method Program::Main

  4. I won't dig in to the details of the IL, but suffice to say, you can see that the application calls System.Environment.get_UserName() method to retrieve the current user name. Easy enough.
  5. If you need a more developer-friendly code, you can download Reflector (at http://www.aisto.com/roeder/dotnet/). This tool will convert the IL code back to the language of your choice.

Why Do I Need to Worry?

So people can easily get back my source code. So what? Well, there are several reasons why source code is important.

  1. With source code, you can modify and recompile a modified code. This is easier than changing a compiled binary file. To overcome this, .NET have a feature called Code Access Security. With CAS, you can sign a compiled DLL or EXE with a private key. During execution, you can enforce that the DLL you create have the specific sign. Any tampered DLL will have a different sign.
  2. With source code, your intellectual property; like algorithm, process, or even secret, can be exposed. Imagine you have a product key generation algorithm. Anyone with access to your source code will be able to reverse engineer and generate a valid key for your product, without even paying. This is the part where Microsoft SLPS comes in.
     

What is Microsoft SLPS Then?

In short, Microsoft SLPS enables you to encrypt parts of your source code. The encrypted parts will not be able to be decompiled. Second part, Microsoft SLPS also enables product feature management. You may want to create three version of your product with different features (and price). You can easily do this with Microsoft SLPS.

I saved the discussion about how to use Microsoft SLPS in the next topic. For those eager to know may visit Microsoft SLPS web site at http://www.microsoft.com/slps. MSDN Subscribers can request for a limited account to try the service.

Share this post: | | | |
Filed under: ,

Comments

# NgeBlogDong!@INDC said on July 4, 2008 11:03 PM:

Yesterday evening, I've delivered a talk on protecting your code. Frequent readers would recognize

Leave a Comment

(required) 
(required) 
(optional)
(required) 

Enter the numbers above: