在混淆完成后通过反射在c#中查找类/属性的最佳方法是什么?
[英]What is the best method to find a class/property in c# through reflection after obfuscation has been done?
问题描述
Here's an example of the code which will be used for the reflection: 
这是将用于反射的代码示例:
var i = typeof(Program).Assembly.CreateInstance("test.Program");
After the software is obfuscated, the code will obviously stop working. 软件被混淆后,代码显然会停止工作。
I'm trying to find a way around it by searching for properties of a class, which do not change after obfuscation has been done. 我正在尝试通过搜索类的属性来寻找解决方法,这些属性在混淆完成后不会改变。 I've tried that with type.GUID, but when I run the debug version, I get one GUID, and in the release after the obfuscation is completed, the guid is changed. 我已尝试使用type.GUID,但是当我运行调试版本时,我得到一个GUID,并且在混淆完成后的版本中,guid被更改。
I'm using Eazfuscator.NET for obfuscation. 我正在使用Eazfuscator.NET进行混淆。
I would like to avoid using attributes to mark class/method if possible. 如果可能的话,我想避免使用属性来标记类/方法。
Any ideas on what would work? 有什么想法可行吗?
3 个解决方案
解决方案1
2 2011-11-01 21:44:54
I'm sure there are ways to iterate over all types and find the one you're looking for, but the things that come to mind would all produce the least maintainable code ever. 我确信有一些方法可以迭代所有类型并找到你正在寻找的那个类型,但是想到的东西都会产生可维护性最低的代码。
Some obfuscators (we use DeepSea, I don't know Eazfuscator) allow preventing obfuscation of specific classes, allowing reflection on those. 一些混淆器(我们使用DeepSea,我不知道Eazfuscator)允许防止特定类的混淆,允许对它们进行反思。 In DeepSea's case, this is indicated by attributes but those won't/shouldn't (I never checked :o) make it to the final assembly. 在DeepSea的情况下,这由属性指示,但那些不会/不应该(我从未检查过:o)使它进入最终的程序集。
If you regard reflection as "an outside process looking at your assembly" and obfuscating "preventing outside processes from looking at your assembly" you're really stopping yourself from doing what you want to do. 如果你认为反射是“一个看待你的装配的外部过程”并且混淆“防止外部过程看你的装配”,你真的会阻止自己做你想做的事情。
解决方案2
1 已采纳 2011-11-01 22:14:42
don't want the obfuscator to defeat the attackers.
After obfuscation; 混淆后; zip, encrypt and do whatever you want with your assembly. zip,加密并用你的组件做任何你想做的事。 Then create another wrapper project and add your assembly as a resource into that project. 然后创建另一个包装项目,并将程序集作为资源添加到该项目中。 Attach to AppDomain.CurrentDomain.AssemblyResolve event (in your new project) and whenever an unresolved assembly event occurs, read your resource(decrypt,unzip etc.) and return the actual assembly. 附加到AppDomain.CurrentDomain.AssemblyResolve事件(在新项目中),每当发生未解决的程序集事件时,读取您的资源(解密,解压缩等)并返回实际的程序集。
You may also try to obfuscate your final wrapper application. 您也可以尝试混淆最终的包装器应用程序。
How secure? 有多安全? At least, you can make life more harder for attackers. 至少,你可以让攻击者的生活更加艰难。
解决方案3
0 2011-11-01 21:31:28
我没有确切的答案,但是ILSpy的消息来源可能会对您有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.