"Wise Owl" .NET protector review
This is my first post (as I remember) in this forum. I've been interested for some time on how to protect my application from reverse engineering (and not necessarily copy protection).
I've evaluated a few .NET protectors - SmartAssembly.NET and a few others. I want a pure .NET solution and I think the best protection is good obfuscation - especially control-flow obfuscation. After all this is the only reliable IP protection.
I saw a few posts over the Internet that the Wise Owl protector (http://www.wiseowl.com/) is suppose to be quite good (or even the best), but no one has ever tested it. Probably because you must send an e-mail from a corporate e-mail server to get a trial version.
Well, I decided that I must test it. I always strive for the best you know :)
Wise Owl is a command line tool (well - we all like GUI, but that's not a big deal) and have a very limited set of command line options (you can see the complete list of options here - http://www.wiseowl.com/Support/ReadMe.htm).
Having a small set of options is not bad actually if they are enough for your needs. There is no need to make things more complex than they should be :)
The options I liked the most are:
/cc (compiler controlled private scope - having methods with exactly the same signature within the same type - cool :))
/names:Unicode (I like Unicode - it makes the assembly much more difficult to understand in reflector; even gibberish like "aH56sD" is a LOT better than the Unicode's square box)
/application (haven't used it but I like the idea)
/config:<configFile> (incremental obfuscation - could be very useful)
/encryptstrings (always better than plain text)
/flow:<level> (control-flow obfuscation is a must)
First, I tried the /cc option and I liked the result. Very good (and fairly standard) name obfuscation.
Then, I tried /cc, /encryptstrings and /flow:advanced on a single assembly.
The encrypted strings were just Unicode - fairly standard. The important part would be if the encryption method is good. But I did not check that. I went for the control-flow. Of course C# in .NET Reflector just crashes. In IL the code did not seem very obfuscated excluding the two "br.s" instructions at the beginning of the method. Well, I assumed the obfuscation is so good that it even does not use the usual "br.s". There might be some really good obfuscation that uses complex instructions to make the code "undecipherable mess" (daydreamer:)).
So I used a new tool that I just have found out about - ILSpy (http://wiki.sharpdevelop.net/ilspy.ashx). And it did not crash on obfuscated methods.
What a surprise! My methods stood in plain text within a construct like
I also immediately located the super simple string decryption function that does not depend on anything but its input Unicode string. I remember SmartAssembly doing some assembly tampering checks on string decryption. Nothing similar here.
So the conclusion is that apart from its nice member name obfuscation there is nothing else in this obfuscator. And the $800 for the enterprise version are simply not worth it. I can find a free obfuscator to do the same or even write one myself.
So if anyone is interested in a crackme I'll be happy to make one (or two). However, I think that a deobsucator will be fairly easy to make.
Wish you best.
Nice review! :) Few notes:
You are safe using the personal edition only. There is no price for this edition on the Wise Owl's site so I do not known how much does it cost.
The enterprise edition brings you cross-assembly obfuscation, incremental obfuscation, the non-existent control-flow obfuscation, and the simple string "encryption". I think a general deobfuscator might be able to remove the string encryption and may be the control-flow. I can even write one but I don't think its worth it.
I have not used v4.0 so I cannot tell of any improvements. For me, the only valuable stuff in this obfuscator is its member name obfuscation which is fairly standard anyway.
I have the Dyamar Protector. It has the best properties of protection file from copy and you can use it to create a wide range of protection schemes, including: file compression, protection against reverse-engineering, licensing, and providing trial versions to your customers. This software supports multi-language activation. This enables you to deploy your software in most countries and allows your end users to easily activate it.
I am very Happy. The most information you van find here Copy Protection
|All times are GMT -4. The time now is 06:15 AM.|
Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.