All geek questions in one place

Dynamically decrypt reference dll

I want to have a dll link in my Windows Forms Application. It is imperative for me that the dll is first encrypted and then decrypted at run time, when it should be used.

Please consider the following example when a routine is initially encrypted, and then decrypted and created. Please note that this is only a conceptual idea, I do not know how to do this from a code point of view.

Class clsSO { void myVoid() { Console.WriteLine("We are here now ..."); } } // End class

The above code will be wrapped in a .dll and added as a dll link to my project. Then the dll will refer and a routine called:

 clsSo myRef = new clsSo(); myRef.myVoid();

Console output:

We are here now ...

What I need to do: The contents of the dll shell will be encrypted and, therefore, unreadable / unable to refer directly to the class. Thus, the dll will need to somehow decrypt and dynamically update the decrypted data so that I can then refer to it.

Does something like this already exist? Can this be done?

I appreciate everyone’s time!

Thanks,

Evan

+4
source share
1 answer

You will need to call Assembly.Load (Byte []) in the decrypted bytes of your file. as soon as you have it, you will need to either use reflection or pass the class to the interface so that you can access the methods.

Here is an example

 class Example { static void Main(string[] args) { byte[] decryptedLibArray; using (var fs = new FileStream("clsSo.cDll", FileMode.Open, FileAccess.Read)) using (var aesProvider = new AesCryptoServiceProvider()) using (var aesTransform = aesProvider.CreateDecryptor(YourKey, YourIV)) using (var cryptoStream = new CryptoStream(fs, aesTransform, CryptoStreamMode.Read)) { decryptedLibArray = ReadFully(cryptoStream); } var lib = Assembly.Load(decryptedLibArray); IclsSO classInstance = (IclsSO)lib.CreateInstance("clsSO"); //If you use a namespace this will be namespace.clsSO classInstance.myVoid(); } /// <summary> /// Reads data from a stream until the end is reached. The /// data is returned as a byte array. An IOException is /// thrown if any of the underlying IO calls fail. /// </summary> /// <param name="stream">The stream to read data from</param> public static byte[] ReadFully (Stream stream) { byte[] buffer = new byte[32768]; using (MemoryStream ms = new MemoryStream()) { while (true) { int read = stream.Read (buffer, 0, buffer.Length); if (read <= 0) return ms.ToArray(); ms.Write (buffer, 0, read); } } } } interface IclsSO { void myVoid(); }

ReadFully from this post . Read it to find out why I did not just do cryptoStream.Read(data, 0, decryptedLibArray.Length); There are some errors in the last example, but the example of the memory stream that it gives is ideal.

However, someone can simply reset your program's RAM and get the decrypted binary, or maybe decompile your main program and get the decryption keys and just decrypt it yourself. Therefore, depending on how paranoid you are, you can still invest in an obfuscator.

+4
source

Source: https://habr.com/ru/post/1389667/

More articles:


All Articles