search

XenocodeRCE / neo-ConfuserEx

Updated ConfuserEX, an open-source, free obfuscator for .NET applications
http://yck1509.github.io/ConfuserEx/
Other
756 stars 89 forks source link

Random String from project is set to a field #41

Open PiotrKFtw opened 5 years ago

PiotrKFtw commented 5 years ago

How to reproduce this?

  1. Make a c# dll with public class and public static method Load with parameter string
  2. Make another c# internal class with method Start that assigns some random values to 3 fields
  3. Make a field of type string internal named Hash
  4. Make another c# internal class and put there internal field named Hash and internal method Init
  5. put another method inside of the Load method and in that method make new instance of both classes and assign the parameter to field hash
  6. in the Init method pop message box with value of that field
  7. Put [Obfuscation(Exclude = true)] on Load method
  8. Obfuscate code with:
    • Rename
    • Control Flow
    • Constants
    • Ref proxy
    • Anti Ildasm and Resources and enable inherit protections
  9. Call the load method using Mono and put random string as parameter
  10. the messagebox will popup as random string from the code not what you put as parameter and the popped message will change if you delete any of the obfuscations.