ILDASM and Obfuscation in .NET
page 3 of 7
by Sandeep Acharya
Feedback
Average Rating: 
Views (Total / Last 10 Days): 38190/ 126

What Actually Is ILDASM

As we have just discussed, it is very easy to get the source code out of the .NET assemblies. The process is known as De-Compilation. Microsoft is providing a native de-compiler known as ILDASM (IL Disassembler). This ILDASM can convert the entire assembly to the understandable instructions and then it is not a far reach to get the source codes back. Let us have a look at how we can do this.

Go to the Visual Studio .NET Command prompt as shown below.

Figure 1

 

Enter ILDASM at prompt.

Then the ILDASM window will come up. Here you can browse your dll or exe. After which, you will get the complete set of instructions for your assembly.

In this case I have used a Vb.net exe (mfsapp.exe) and got the result as shown in the image below.

Figure 2

 

 

 

 

 

 

 

 

 

 

 

 

 

The above image shows an example of runtime ILDASM. It also explains the meaning of the symbols used in the process. Double clicking any item gives the set of instructions that will be executed. For example, here we have double clicked on the Method doDBconnection () and received the following.

Figure 3

Once this structure is obtained, the source code is not far away. One can easily decode these instructions into the source code by using the code charts given at the location [Drive name]:\Program Files\Microsoft Visual Studio .NET\FrameworkSDK\Tool Developers Guide\docs\Partition III CIL.doc.

The Microsoft itself gives this DOC file. It contains the meanings of all the instructions from the above process. So, now the source code is almost in your hand exposing the whole logic behind the dll/exe.


View Entire Article

User Comments

Title: What Actually Is ILDASM   
Name: Babu Shekar
Date: 2010-02-12 6:06:30 AM
Comment:
Thanks Sandeep Acharya!! this article provides an detailed explanation of the topic with pictorical representation. It is really great piece of explanation.
Title: Nice!!   
Name: Venkata Polepalli
Date: 2008-11-12 6:36:19 AM
Comment:
Hi Sandeep!!

Its Good Artical for Explaining the Obfuscation!!
Title: Thanks   
Name: Rupesh kumar Tiwari
Date: 2007-10-05 7:51:13 AM
Comment:
Thanks Sandeep ji.
After reading this article I got a clear picture about the Ildasm.
You could have thrown some more light on Obfuscating. Still, the diagram is explaining things clearly.
Title: Thanks   
Name: Chandrakanta
Date: 2007-01-18 1:40:10 AM
Comment:
This is a very Nice Article For the developers those are working on this technology.

Product Spotlight
Product Spotlight 





Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2019 ASPAlliance.com  |  Page Processed at 2019-08-25 2:15:23 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search