Skater .NET Obfuscator About Skater .NET Obfuscator project

RustemSoft proposes Skater .NET Obfuscator, an obfuscation tool for .NET code protection. It implements all known software protection techniques and obfuscation algorithms.
If you would like periodically obfuscate your .NET products the Skater .NET Obfuscator is for you. RustemSoft is using the Skater for internal needs securing all RustemSoft .NET executables and assemblies. Its command-line version running in batch mode is much useful for your scheduled products updates. You have to assign settings for an assembly in GUI version first. Then the batch obfuscate task will use the settings.

Download demo-trial now!

Main features of Skater .NET Obfuscator

Prohibits reverse engineering
Obfuscated application usually is not recompilable
Processes any .NET application, executable or assembly
Encrypts string constants
Compatible with any .NET framework from 1.0 through 4.5
Control flow obfuscation stops decompilers and deobfuscators
Scrambles class names, method names, field names etc.
Protects XAML (baml) files in WPF application
It works well on both (x86 and x64) platforms
Provides .NET Licensing features
Implements .NET Code Extension for small .NET applications protection.
Implements assemblies linking; linkage unites .NET assemblies into a single dll or exe

Skater .NET Obfuscator
Order Skater .NET Obfuscator!

Read Skater documentation

A couple of weeks ago I got license of RustemSoft Skater .NET Obfuscator Professional Edition. For the uninitiated, obfuscated code is harder to read in ILSpy ver1.0.0.1000, so people cannot nick your secrets as easily. I was highly contented with what Skater produced, in that the class names were renamed to unreadable chars. The method names also followed this convention, and there seems to be method overloading too, where differently-named methods with different signatures are obfuscated as methods with the same name. Also Skater protects methods' code and the code is not visible with ILSpy. This is because the Skater Pro Edition has Control Flow protection mode enabled.
Now I use Skater on every .NET project - thank you folks!
Hector Maria Miguel
Universidad Nacional Autonoma de Mexico
Mexico City


I want to thank you for the outstanding service, despite the fact that I am only a hundred bucks customer.
Wishing you all the best!

Thierry Biekens
Netherlands

I first purchased Skater Pro in 2008 for a commercial application I needed to secure, and it did the job. Since then I have upgraded my development environment up to VS 2010 on Windows 7, so I decided to purchase an upgrade of Skater to get the current version. Wouldn't you know, I had a problem with very first assembly that I tried to obfuscate. However, I emailed the problem assembly to them and the RustemSoft team came through with a corrected Skater the same day. That's great customer support!
Stephen Rosenbaum
Independent Software Developer
Weston, Florida, US

Our technology is well protected by Skater. As an obfuscator it does it's job well without gouging you on price like some of it's competitors. As a bonus we find that the built-in linker has great potential for version control and object distribution purposes.
It's a great product and the price cannot be beat.

Mark R Neff
President
MKP Inc
Houston, Tx, USA


Just over a year ago we discovered that someone had created a keygen for our Archive Manager software. 2 years of work could have gone up the spout, and the dangers of developing software on the .Net platform (e.g how easy assemblies are to reverse engineer) became very clear.
We looked around at all the different products that were on the market and they were all either far too expensive or really complicated. We just wanted something that we could point at our final compiled versions of our assemblies, hit 'go', and then distribute the protected article.
Skater.Net fitted the bill perfectly, and was the best value for money solution that we found (and we looked at a lot of those on offer!).
So, I would like to thank you for producing what is a great bit of software.
A change of licence keys a year ago, and an extra couple of minutes to scramble the final assemblies before we distribute a new version and the problem of key gens and such has completely gone away.
Good Job :-)
Mark Laverty
President
MLtek, England

mltek.co.uk

Skater has been a very reliable and easy to use program. It has all of the features I need without the problems of other obfuscators. I've tried others but after obfuscating, my program immediately crashes. Even with minimal obfuscation settings. Trying to get in touch with the the creators of these programs takes days or longer. In between that time, I found Skater and never looked back. Skater has always been able to obfuscate my software with all settings turned on. RustemSoft stands behind their product as well - giving very good immediate responses, which is rare in general. It's a pleasure doing business with them.
Brett Romero
President
www.cygen.com

Thank you for the Skater! I'm using the Skater to obfuscate a suite of applications used by a NASCAR Cup Team. It's a competitive environment full of people who really want to know how everything works! I go back and confirm each obfuscation with Lutz Roeder's .Net Reflector, and I really like what I can't see :-)

Michael Bearden , Head of software and engineering services
Apex Educational Technologies, Inc.

Shreveport, LA, USA

It works great! I love the Visual Studio 2005 integration. I have a lot of constants and strings in my projects. I obfuscated them all then tried to view them using Lutz Roeder's .NET Reflector version 4.2.51.0 and I could not read them at all. It works great and for the price it's a no brainer to use this great product.
This product is more efficient than Microsoft's refactoring power toy, and is very easy to use!

Ryan J. Birnesser
Systems Software Designer/Programmer, Pioneer Pole Buildings, Inc.
Schuylkill Haven, PA

You need to obfuscate your .NET code because IL (.NET Intermediate Language) code contains all of the information, apart from comments, that is in .NET executable (*.exe or *.dll) files. Using a decompiler a belligerent competitor can easily reverse engineer your .NET apps. To resist this threat, it is possible to obfuscate your assemblies before distributing your software.
The obfuscation process bereaves all unnecessary information used by debuggers from your .NET classes. Also, class, interface, field and method identifiers are renamed to make them meaningless.
By using Skater .NET Obfuscator the obfuscation cannot be reversed.
Skater .NET Obfuscator has dual representation as a GUI interface and as a command-line tool as well. Skater .NET Obfuscator is designed to be seamlessly integrated into your build process that is why it has the command-line interface. This is done in the reliable and repeatable fashion when the obfuscation tool depends on a graphical user interface for operation.

Application vulnerabilities, Intellectual Property theft and revenue loss are among the most serious risks facing companies today. According to Business Software Alliance statistics, four out of every ten software programs is pirated in software business, world wide.

Unauthorized access to source code can offer a quick back entrance into your systems, business processes and revenue streams. Global piracy rate has increased 40% over the past years and nearly $11 billion is lost. This is definitely a clear threat for software producers and thus to global economy. With more than half of million developers with some level of access to .NET reengineering tools providing near instant access to source from any .NET binary, organizations across industries are entrusting on obfuscation to managing these risks. Over the years, several software protection techniques have been developed, code obfuscation is one of them and it is very promising.

DataGridViewColumns .NET assembly
More about DataGridViewColumns.dll
Download DataGridViewColumns.dll
Order DataGridView Columns

DataGridColumns .NET assembly (Forms)
More about DataGridColumns.dll
Download DataGridColumns.dll
Order DataGridColumns.dll


Code obfuscation is a form of software protection against unauthorized reverse-engineering.
The chief functions of any software protection technique can be determined as detection of pirate attempts to decipher or tamper software, protection against such attempts and alteration of software to ensure that it functionality degrades in an undetectable manner if the protection fails.


Cardinal obfuscation techniques:

Private and Public members names obfuscation.
It scrambles names of classes, methods, variables, and other assembly members. It makes assembly code reverse engineering much harder by obfuscating names. Some Skater settings allow to generated names that will prevent recompilation.
For exe executables you may consider the assemblies to be self-contained, and set obfuscation of all possible names very aggressively, including Public Members.
Public members in dll libraries are advisedly reserved from obfuscation because they are intended to be used in external assembly code. If you are sure some of public members are not to be accessed from outside, you may want to obfuscate them.
Learn more about names obfuscation in Skater on-line documentation

String encryption.
The string encryption function allows you to select literal values of string data type to be encrypted. You may select all strings to be encrypted. Also you may mark some specific strings to obfuscate. You have choice to apply a cryptography method for the string encryption. Only specified strings will be encrypted/obfuscated.
Since Strings can provide useful clues for anyone trying to reverse-engineer your code it makes sense to protect your string data from spying eyes. It will not prevent an absolute hacker from deciphering the conversion and seeing your data. However, for example, an attacker trying to break a licensing routine would first focus attention on Strings having to do with licensing to locate the appropriate spot of code. Skater can make this more difficult by encrypting the strings in your .NET assembly. This is done by inserting a decryption routine into the assembly and calling the decryption code at runtime to return the original Strings.
Learn more about String encryption in Skater on-line documentation

Control Flow obfuscation intended to stop decompilers and deobfuscators from functioning correctly.
Control Flow obfuscation subdues reverse engineering by scrambling .NET methods (functions and procedures) code. The Control Flow obfuscation algorithm distorts and reorders the IL code in the assembly, inserting bait branch instructions while preserving code semantics. This obfuscating essentially converts assembly method implementations into "spaghetti code", making interpretation by human hackers and decompiler tools much more difficult.
Actually Control Flow obfuscation involves the insertion of additional instructions. Applying of this feature increases the size of the output assembly. If a maximum level of code protection is not required for your assembly, you may want to consider disabling this feature to minimize your output executable code size.
Control Flow obfuscation discourages reverse engineering and malicious tampering of software codes by applying false conditional statements and other misleading constructs in order to confuse and break decompilers. Given the original source codes and desired obfuscation criteria, the proposed Control Flow obfuscation works by decomposing the source codes into fragments and then applying various transforms to the code fragments. As the Skaters output, the transformed fragments are re-assembled and obfuscated with the designated obfuscation criteria. Moreover, since only Control Flows are obfuscated with a sequence of transformations that produce equivalent results of the original fragments, the final output can still preserve the same execution results as the original codes.
Learn more about Control Flow obfuscation in Skater on-line documentation


Example

Let's try to write a simple command-line application and then obfuscate it. The following console programs are the VB.NET and C# version of the "Hello World!" program, which displays the string "Hello World!" Actually it is not the traditional "Hello World!" and it displays in addition today's date and current time. We have added couple of private variables to see what happen when we obfuscate them.

VB .NET

Imports System
Module Module1
Private str As String = "Hello World! Today is:"
Private today As Date = Now
Sub Main()
Console.WriteLine(str + CStr(today))
End Sub
End Module

C#

using System;
struct Module1
{
private string str = "Hello World! Today is:";
private System.DateTime today = Now;
void Main()
{
Console.WriteLine(str + System.Convert.ToString(today));
}
}

You can see four highlighted members' names. Two are private variables' names today and str. Module1 is name of the class. Main is name of method that is single method in the simple class.
Now we are ready to compile the simple code in .NET environment. We may get ConsoleApplication1.exe executable file as a result of compilation. What is inside in the executable? Why do people say we need to hide our .NET stuff? The software tools like: .NET reflection, ILDASM.exe, and .NET decompilers can freely show down your .NET code, AKA 'your intellectual property'.
The .NET Framework SDK ships with a disassembler utility called ILDasm that allows you to decompile .NET assemblies into IL (Intermediate Language) Assembly Language statements. To decompile the ConsoleApplication1.exe file start ILDasm on the command line. Take a look what we got after the decompilation:

IL

.class private auto ansi sealed beforefieldinit Module1
extends [mscorlib]System.Object
{
.custom instance void [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.
StandardModuleAttribute::.ctor() = ( 01 00 00 00 )
.field private static string str
.field private static valuetype [mscorlib]System.DateTime today
.method private specialname rtspecialname static
void .cctor() cil managed
{
.maxstack 8
IL_0000: ldstr "Hello World! Today is:"
IL_0005: stsfld string ConsoleApplication1.Module1::str
IL_000a: call valuetype [mscorlib]System.DateTime [Microsoft.VisualBasic]Microsoft.
VisualBasic.DateAndTime::get_Now()
IL_000f: stsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.Module1::today
IL_0014: nop
IL_0015: ret
} // end of method Module1::.cctor
.method public static void Main() cil managed
{
.entrypoint
.custom instance void [mscorlib]System.STAThreadAttribute::.ctor() = ( 01 00 00 00 )
.maxstack 8
IL_0000: nop
IL_0001: ldsfld string ConsoleApplication1.Module1::str
IL_0006: ldsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.Module1::today
IL_000b: call string [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.StringType::
FromDate(valuetype [mscorlib]System.DateTime)
IL_0010: call string [mscorlib]System.String::Concat(string,
string)
IL_0015: call void [mscorlib]System.Console::WriteLine(string)
IL_001a: nop
IL_001b: nop
IL_001c: ret
} // end of method Module1::Main
} // end of class Module1

Everything looks pretty obvious and understandable in the IL script. Is not it? Right, it is hard to figure out the IL code for us more mortals. So if you are now guessing your .NET source code will be accessible only to a small circle of technical folks who actually know IL Assembly Language, think again. You can take this step further and actually recreate the source code by using some much sophisticated decompilers. These decompilation tools can decompile a .NET assembly directly back to a high level language like C#, VB .NET, or C++.
Ok, we are ready to obfuscate the sample ConsoleApplication1.exe executable by using Skater .NET Obfuscator. Open the exe file in Skater Obfuscator. In the Obfuscator interface go to Options tab and select 'Alpha-Numeric characters' under 'Naming Conventions'. Choose all Private and all Public members obfuscation mode.
When you run the obfuscated ConsoleApplication1.exe it produces the same result. Take a look what changed inside the simple program. We need to run the ILDasm.exe again against the new obfuscated executable and it will give us the following IL script:

IL

.class private auto ansi sealed beforefieldinit '0AAAA'
extends [mscorlib]System.Object
{
.custom instance void [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.
StandardModuleAttribute::.ctor() = ( 01 00 00 00 )
.field private static string '1AAA0'
.field private static valuetype [mscorlib]System.DateTime '2AAAA'
.method private specialname rtspecialname static
void .cctor() cil managed
{
.maxstack 8
IL_0000: ldstr "Hello World! Today is:"
IL_0005: stsfld string ConsoleApplication1.'0AAAA'::'1AAA0'
IL_000a: call valuetype [mscorlib]System.DateTime [Microsoft.VisualBasic]Microsoft.
VisualBasic.DateAndTime::get_Now()
IL_000f: stsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.'0AAAA'::'2AAAA'
IL_0014: nop
IL_0015: ret
} // end of method '0AAAA'::.cctor
.method public static void '1AAAA'() cil managed
{
.entrypoint
.custom instance void [mscorlib]System.STAThreadAttribute::.ctor() = ( 01 00 00 00 )
.maxstack 8
IL_0000: nop
IL_0001: ldsfld string ConsoleApplication1.'0AAAA'::'1AAA0'
IL_0006: ldsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.'0AAAA'::'2AAAA'
IL_000b: call string [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.StringType::
FromDate(valuetype [mscorlib]System.DateTime)
IL_0010: call string [mscorlib]System.String::Concat(string,
string)
IL_0015: call void [mscorlib]System.Console::WriteLine(string)
IL_001a: nop
IL_001b: nop
IL_001c: ret
} // end of method '0AAAA'::'1AAAA'
} // end of class '0AAAA'

Skater .NET Obfuscator just replaced member names with alpha-numeric combinations that makes harder to understand the code. However it is not so big trick and every Obfuscator can do that. Everyone can replace the alpha-numeric char combinations with some eye-friendly names. Moreover, by using ILasm.exe (one more .NET Framework SDK assembler utility that allows you to compile IL code back into an executable) we can easily recompile the obfuscated IL output and it will work without problems.
Skater .NET Obfuscator can generate a non-recompilable executables. See the IL script below.

IL

.class private auto ansi sealed beforefieldinit '?'
extends [mscorlib]System.Object
{
.custom instance void [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.
StandardModuleAttribute::.ctor() = ( 01 00 00 00 )
.field private static string '?'
.field private static valuetype [mscorlib]System.DateTime '?'
.method private specialname rtspecialname static
void .cctor() cil managed
{
.maxstack 8
IL_0000: ldstr "Hello World! Today is:"
IL_0005: stsfld string ConsoleApplication1.'?'::'?'
IL_000a: call valuetype [mscorlib]System.DateTime [Microsoft.VisualBasic]Microsoft.
VisualBasic.DateAndTime::get_Now()
IL_000f: stsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.'?'::'?'
IL_0014: nop
IL_0015: ret
} // end of method '?'::.cctor
.method public static void '?'() cil managed
{
.entrypoint
.custom instance void [mscorlib]System.STAThreadAttribute::.ctor() = ( 01 00 00 00 )
.maxstack 8
IL_0000: nop
IL_0001: ldsfld string ConsoleApplication1.'?'::'?'
IL_0006: ldsfld valuetype [mscorlib]System.DateTime ConsoleApplication1.'?'::'?'
IL_000b: call string [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.StringType::
FromDate(valuetype [mscorlib]System.DateTime)
IL_0010: call string [mscorlib]System.String::Concat(string,
string)
IL_0015: call void [mscorlib]System.Console::WriteLine(string)
IL_001a: nop
IL_001b: nop
IL_001c: ret
} // end of method '?'::'?'
} // end of class '?'

Sure, the presented above IL code can not be compiled or the compiled executable will not work well. As you can see all member names has the same single '?' character representation. We can get the result by using Skater .NET Obfuscator special settings. In the Obfuscator interface go to Options tab and select '?' characters under 'Naming Conventions'.
The member names obfuscation is the very first essential step of .NET assembly obfuscation. You need to apply other Skater .NET Obfuscator methods and algorithms to better secure your .NET apps.









Copyright © 2001-2014 Rustemsoft LLC