The .Net obfu kung-fu

Recently, I've been looking into the various types of .Net obfuscation, some commercial obfuscators. But mainly hand rolled anti-disassembly/decompilation.

Some interesting ones I found today, were where the reflected code would not compile. Meaning that some random opcodes were injected post compilation that are still runtime compatible.

And also saw ones where non .Net opcodes were injected before a jump non-conditional, effectively padding with junk, so that on linear parsing of the file (top-bottom) dissasembly/decompilation may fail. Whereas for the runtime logical execution it would never encounter such problems.

Impressive stuff!

• Sharing Options
• Toot
• Add to Pocket
• Submit to Reddit
• Share on LinkedIn
• Share on LinkedIn