Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > .NET Reverse Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 04-13-2008, 01:15 PM
karlranseier karlranseier is offline
Member
 
Join Date: Apr 2008
Posts: 12
Default

sounds good but what do you think about .net reactor? it seems to offer more protection techniques but costs less.
Reply With Quote
  #2  
Old 04-16-2008, 06:09 AM
Andu Andu is offline
Member
 
Join Date: Apr 2008
Posts: 46
Default

Hello folks,

my question also regards .net Reactor. First I agree that the application mode protection is crap because it has been shown many times that it is possible to circumvent the protection in less than 5 minutes!

I have also seen a paper which seems to describe the basic principle, which .net Reactor seems to be based on (don't know if you refer to this paper with the gpl code, a link is very much appreciated).

But the Reactor offers two protection modes: application (which is easy to crack) and library mode, which I'm not shure off.

As I haven't seen any crackmes regarding library-mode-protected assemblies or tutorials on that topic my question is if anyone has tried to break this protection with activated necro bit. It seems to be tougher at first glance.
And a second thing: .net Reactor also offers a strong name removal protection. What do the experts think about this?

Regards,

Andu

Last edited by Andu : 04-16-2008 at 06:33 AM.
Reply With Quote
  #3  
Old 04-16-2008, 06:47 AM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Quote:
Originally Posted by Andu View Post
Hello folks,

my question also regards .net Reactor. First I agree that the application mode protection is crap because it has been shown many times that it is possible to circumvent the protection in less than 5 minutes!

I have also seen a paper which seems to describe the basic principle, which .net Reactor seems to be based on (don't know if you refer to this paper with the gpl code, a link is very much appreciated).

But the Reactor offers two protection modes: application (which is easy to crack) and library mode, which I'm not shure off.

As I haven't seen any crackmes regarding library-mode-protected assemblies or tutorials on that topic my question is if anyone has tried to break this protection with activated necro bit. It seems to be tougher at first glance.
And a second thing: .net Reactor also offers a strong name removal protection. What do the experts think about this?

Regards,

Andu
About the strong name protection i managed to remove it once, after that i lost interest in reversing since its more of the same every time with just minor changes
Reply With Quote
  #4  
Old 04-16-2008, 06:47 AM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Quote:
Originally Posted by karlranseier View Post
could you proof it?
i am interested in the protection technique. you could you post links the the source code .net reactor is based of?
Its using code from Mono.Cecil, old versions uses code from first releases of .NET Reflector, it has a copy of the hurricane cipher in it also opensource (its a delphi unit), also QuickLZ is used and more .
Reply With Quote
  #5  
Old 04-16-2008, 06:53 AM
Andu Andu is offline
Member
 
Join Date: Apr 2008
Posts: 46
Default

Thanks for your answers. What's about library mode contra the weak application mode?
Reply With Quote
  #6  
Old 04-16-2008, 06:56 AM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Quote:
Originally Posted by Andu View Post
Thanks for your answers. What's about library mode contra the weak application mode?
Its just as crappy specialy the so called necrobits protection is the biggest joke of all
Reply With Quote
  #7  
Old 04-16-2008, 06:59 AM
Andu Andu is offline
Member
 
Join Date: Apr 2008
Posts: 46
Default

Could you please expand on this? Is there a tutorial available?

What's the point with necroBit after all? How does it help to protect the assembly?
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.