Protecting IL Code from unauthorised Disassembling

Microsoft .NET proved a mechanism where the code written in VB.NET, C# or any CLS compliant languages to generate MSIL (Microsoft Intermediate Language)code which targets the CLR and executes. This is an excellent mechanism to abstract the high level code from the underlying hardware.

What gets generated from the source file is a PE (Portable Executable) which will run on the CLR. Despite the advantages it offers, this mechanism faces a severe drawback of the MSIL which can get decompiled to the actual source code.

Microsoft tool ILDASM.EXE adds up to this problem by giving an option to output an .IL from an assembly, this file contains code resembling the actual source code hence posing a sever threat to the intelletual property of the company.

Lets understand this problem with an example

Class1.vb imports system

Namespace mynamespace
Class mclass
Shared Sub main()
console.writeline("hi from main")
End Sub
Public Function SayHi() As String
SayHi = "Hi from Function"
End Function
End Class
End Namespace 

This code when compiled generates a executable Class1.exe

vbc Class1.vb 

When you fire up ILDASM utility we can get to see the IL code which is read from the METADATA of the assembly.

To output .IL file from the assembly use the tool ILDASM

ILDASM Class1.exe /out=Class1.il 

The Class1.il file thus generated looks more then just junk code but a clear readable code properly structured and resembles the actual source code. This sample clearly shows the part of IL code generated from Class1.exe assembly. The method MAIN which prints "hi from Main" resembles the actual source code.

.method public static void main() il managed
{
// Code size 11 (0xb)
.maxstack 1
.locals init (
class System.Object[] V_0)
IL_0000: ldstr "hi from main"
IL_0005: call
void [mscorlib]System.Console::WriteLine(class System.String)
IL_000a: ret
}
// end of method mclass::main

Can an IL be reverse-engineered ?

Well, i think u must have guessed by now that reverse engineering code from IL is fairly straight forward.

Is there a way to protect the assembly from getting disassembled ?

Well, yes as for now the only method to protect the assembly is to use the tool ILASM with the /owner option.

Follow these steps to protect the assembly from getting disassembled

Step1: Generating IL ILDASM Class1.exe /out=Class1.il 

Step2: Setting the owner option ILASM /owner=abc Class1.il 

This will create the assembly Class1.exe with the owner as "abc", not try to open this assembly with ILDASM utility.

You will get a message saying "Copyrighted Material- can not disassemble"

This assembly can only be viewed by supplying the owner

ILDASM /owner=abc Class1.exe 

Once the compilers come with the /owner option, protecting the assembly will be much easier.