In this post you will find a procedure to add some protection to your c # source related to windows forms applications, under certain conditions the application renders both decompilers and de-obfuscators useless and protects the non-obfuscated source code.
A possible scenario: we have an executable to be tested by others but we don't want to sell it for the moment, so we can encrypt the executable and go to the test machine with our encrypted exe and the software to decrypt it, enter the password to decrypt it and upload it in memory,
proceed as follows using the WinFormsProtector software:
1) after selecting the executable file to be protected (with the "choose executable to encrypt" button) and choosing the password and pressing the "choose path file to encrypt" button to choose the path where to save the file, you can then proceed to creation of the encrypted file by pressing the "encrypt file into path" button, the file created is called "encryptedExe.encrypt"
2) installation of WinFormsProtector on the test machine on which the above encrypted file will be loaded
3) entering the password used to encrypt the file
4) selection of the file to be decrypted by pressing the "choose file to decrypt" button
5) press the "decrypt file, load in ram and run" button
then we load the file in memory and here we decrypt and execute it, in practice we load the Assembly in this way:
Assembly assembly1 = Assembly.Load(exe);
where exe is the array of bytes that makes up the executable
in this way the file that we intend to protect in clear does not exist on the machine but exists only encrypted or in memory,
in the executable file that it intends to protect (the called exe) is necessary to modify the main in this way:
in practice add a Start () method that calls the first Form of your application
namespace Ethical_Hacking
{
static class Program
{
[STAThread]
static void Main()
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Start();
}
public static void Start()
{
Form1 f = new Form1();
f.ShowDialog();
}
}
}
in the calling exe we will have:
Assembly assembly1 = Assembly.Load(exe);
var programType1 = assembly1.GetTypes().FirstOrDefault(c => c.Name == "Program");
MethodInfo method1 = programType1.GetMethod("Start", BindingFlags.Public | BindingFlags.Static);
method1.Invoke(null, new object[] { });
that is, the Start () method is invoked.
A possible scenario: we have an executable to be tested by others but we don't want to sell it for the moment, so we can encrypt the executable and go to the test machine with our encrypted exe and the software to decrypt it, enter the password to decrypt it and upload it in memory,
proceed as follows using the WinFormsProtector software:
1) after selecting the executable file to be protected (with the "choose executable to encrypt" button) and choosing the password and pressing the "choose path file to encrypt" button to choose the path where to save the file, you can then proceed to creation of the encrypted file by pressing the "encrypt file into path" button, the file created is called "encryptedExe.encrypt"
2) installation of WinFormsProtector on the test machine on which the above encrypted file will be loaded
3) entering the password used to encrypt the file
4) selection of the file to be decrypted by pressing the "choose file to decrypt" button
5) press the "decrypt file, load in ram and run" button
then we load the file in memory and here we decrypt and execute it, in practice we load the Assembly in this way:
Assembly assembly1 = Assembly.Load(exe);
where exe is the array of bytes that makes up the executable
in this way the file that we intend to protect in clear does not exist on the machine but exists only encrypted or in memory,
in the executable file that it intends to protect (the called exe) is necessary to modify the main in this way:
in practice add a Start () method that calls the first Form of your application
namespace Ethical_Hacking
{
static class Program
{
[STAThread]
static void Main()
{
Application.EnableVisualStyles();
Application.SetCompatibleTextRenderingDefault(false);
Start();
}
public static void Start()
{
Form1 f = new Form1();
f.ShowDialog();
}
}
}
in the calling exe we will have:
Assembly assembly1 = Assembly.Load(exe);
var programType1 = assembly1.GetTypes().FirstOrDefault(c => c.Name == "Program");
MethodInfo method1 = programType1.GetMethod("Start", BindingFlags.Public | BindingFlags.Static);
method1.Invoke(null, new object[] { });
that is, the Start () method is invoked.
If the exe file to be protected uses packages you must add these packages in the calling project (executable), for example if we use NewtonSoft.json in the program to be protected also the calling program must have NewtonSoft.Json in its packages.
In the source code you will find two zipped projects: WindowsFormsProtector and Ethical_Hacking, the first is the calling exe the second is the called exe (or the protected one), here the code and the installer: https://sourceforge.net/projects/ winformsprotector /