First of all, direct quotation
Second, decompile.
Third, reflection.
If the DLL does nothing, any of the above can achieve the purpose of cracking.
Then, usually the following protection methods can be found online, but to be honest, they are of little use, which of course makes it more difficult for white hackers.
One is the tool to confuse classes (such as Dotfuscator, but it can be decompiled through ILSpy, Reflector, etc. And direct copy code can also be run)
Second, encryption tools (such as MaxToCode, there are corresponding cracking tutorials on the Internet).
Third, shell tools (such as Sixxpack, there are corresponding cracking tutorials on the internet)
Fourth, strong signature (signature only prevents a DLL in the project from being tampered with, and cannot prevent decompilation or reflection).
Having said that, isn't there a relatively reliable way?
Finally, let's get down to business.
The purpose of the above tools comes down to two things, one is that we can't see it, and the other is that we can't adjust it. Of course, we also achieve these two goals, but the means are different.
First, you can't watch:. NET DLL can contain managed heap code (which can be decompiled) and unmanaged heap code (which cannot be decompiled, which is a higher level and beyond the scope of discussion). We put the core logic code in the unmanaged heap code, and the managed heap code provides an interface for external calls. When called, unmanaged code passes through the. NET dynamic compilation function, and return the execution results. This ensures that you can't watch it.
2. Unable to adjust: We add the function of verifying the caller's source in the unmanaged code to judge whether the caller's hash value is consistent with the hash value agreed in the unmanaged code (when publishing, we need to generate the hash value of relevant references in advance and store it in the unmanaged code, and finally generate the DLL of the unmanaged code in the installation package). If it is consistent, the result will be returned through execution; if it is inconsistent, it will be empty. This solves the problem that illegal sources cannot be transferred.
See blogs.com/dengxi/p/5750170.html for more information.