All geek questions in one place

Does a delivery PDB file make obfuscation useless in .net?

If I messed up the vb.net build using Eazfuscator with character encryption enabled (so that I can use the Eazfuscator stack trace decoder), does it effectively cancel if I send a PDB file? I want to send a PDB file to get line numbers in stack traces that are sent to me back in error reports.

I know that I can get line numbers by saving the PDB file for the submitted version, but this is an additional level of complexity that I don’t need right now, I will implement this in the future. I just want to make sure that I am not efficiently sending unconfirmed code, including a PDB file.

Thanks in advance for any advice.

+6
source share
2 answers

PDBs do not contain the actual code. But I have a strong feeling that after obfuscation the PDB will be incompatible with binary. Here's what's inside the PDB :

  • Public, private, and static function addresses
  • Global Variable Names and Addresses
  • Parameters and local variable names and offsets, where to find them on the stack
  • Enter data consisting of class, structure, and data definition
  • Data on the prohibition of the frame pointer (FPO), which is the key for the built-in stack going through x86.
  • Names of source files and their lines

As I understand it, obfuscation will ruin things like non-public types, methods, parameters, etc. So, if it does not change the original IL offsets, then displaying line numbers may work, but it will provide some information that was actually confused, whether the question can be restored or not.

I suggest adding a rich journal if you are very worried about deobfuscation.

+3
source

No, sending PDB files does not make obfuscation useless. Note, however, that PDB files may contain local variable names, so this is another piece of information that a disassembler such as Reflector can use. PDB files can also contain the full paths of source code files, however this rarely does any harm in terms of revealing confidential information.

Some obfuscators, such as Crypto Obfuscator, support the creation of PDB files - after obfuscation, it displays new PDB files that synchronize with obfuscated assemblies, your stack traces remain correct. In addition, PDB files contain obfuscated source file names mentioned above. It also removes all local variable names from PDB files.

DISCLAIMER: I work for LogicNP Software, a developer of Crypto Obfuscator.

+4
source

Source: https://habr.com/ru/post/896205/

More articles:


All Articles