Pre-Compile - Obfuscate Roslyn Generated Code

时间:2016-07-11 19:27:43

标签: c# obfuscation roslyn

I have recently been tasked with coming up with a solution for providing renaming functions, as well as various other obfuscation pre-compile at runtime. I believe using Roslyn is the way to go, but please provide any insight you may have.

The ultimate goal is as follows: Allow end user to select various options that are then generated into a text version of assembly at runtime. We then use Roslyn to generate the .exe. I was curious if it possible to obfuscate at runtime, before the EXE is even generated. This way I can rename vars, etc.

1 个答案:

答案 0 :(得分:5)

您可以使用任何可以可靠地转换C#源代码的工具。

罗斯林只是一个有趣的方式;您可以修改程序并生成目标代码。这应该有用。

其他Program Transformation Systems (PTS)可以通过修改代码来实现。 PTS读取源代码,构建编译器数据结构(例如,AST),允许您修改AST,然后可以从修改的AST重新生成源代码。这样你就可以看到混淆的代码;您可以随后使用C#编译器进行编译。一个好的PTS将允许您使用以下形式编写目标语言语法的代码转换:

 if you see *this pattern*, replace it by *that pattern*

以下表示为

  rule <name> <patternvariables>  "thispattern" -> "thatpattern";

使用PTS,您可以对源代码进行任意更改,包括函数和变量重命名,代码流加扰和数据流加扰。例如,您可能会使用此规则来增加混淆:

  rule scramble_if_then(c: condition, b: block): statement -> statement
       " if (\c) \b " ->  "int temp = \c?4:3;
                           while (temp>3) {\b; temp--; }";

这个规则有点简单/愚蠢,但我认为它可以说明你可以编写可读的源代码转换。如果你有很多这样的规则,它会对代码进行大量加扰,特别是如果你的规则进行了复杂的转换。

我们使用DMS Software Reengineering Toolkit来实现name-scrambling obfuscators,包括一个C#。