Many developers and programmers are still not aware that Portable Executable files can be decompiled into readable source code. Before going to the topic of what we do to stop or make it hard for the decompilers to reverse engineer the source code, we need to understand some basic concepts. A Cybersecurity consulting company can help you to provide the best-secured way to avoid decompilation for your application.
Is C# easy to decompile?
C# is easy to decompile because it contains metadata that can aid in decompilation. C# also compiles down to an intermediate language which maps much better to the exact source code. so it is easy to decompile. C# compiles to CIL. Typically, a lot more information about the exact source code, such as object-oriented concepts including class structure, can be gleaned from reading the CIL than from reading.
How to prevent decompilation against C# applications?
One way to make the C# application a little more difficult to crack would be to deliver it as a program that decrypts its instructions, compiles and runs them only when needed. This way, if someone finds out where the exact code is stored, it will still be encrypted and without a license it is unusable.
What is a Portable Executable file?
When source code is compiled, it generates a Portable Executable file. Portable Executable is either a DLL or an EXE. Portable executable file contains Microsoft Intermediate Language and Metadata. Microsoft intermediate language is ultimately converted by CLR into the native code which a processor can understand. Metadata contains assembly information like Assembly Name, what the Version is, Culture and the Public Key. Consult a cyber security solution that makes your application safe and portable.
How Can We Get Source Code from EXE?
Yes, you heard right we can get the source code from DLL or EXE. To show this, let's create a simple app first.
Steps to develop an application is:
- Open Visual Studio
- create a new project
- select console-based application
- Add some code to the newly created project
For example, start with the sample code below:
using System;
namespace MyConsoleApp {
internal class Program{
private static void Main(string[] args){
Console.WriteLine(PublicMethod());
Console.WriteLine(PrivateMethod());}
public static string PublicMethod(){
// Your source code here
return "Public Method";}
private static string PrivateMethod(){
// Your source code here return "Private Method";}}}
OK! After that now builds the application, an EXE will be generated in the folder bin/debug. Now let's try to get the code from the EXE file:
- open Visual Studio command prompt.
- Type ildasm and hit enter( ILDASM basically has an ability to read intermediate language).
- open the EXE file that was created.
As we can see, ILDASM disassembles the EXE and lots of useful information can be stored, though it does not provide the original code completely, a lot can be changed. The easy way to reverse engineer and get the exact code is that there are decompilers available and used for free, which can convert the Intermediate Language into the original source code.
When we open the EXE with a decompiler we are able to see the original code. This can lead to piracy and you can lose your profits.
How to Prevent EXE from Getting Decompiled?
The process of protecting the EXE and DLL from getting decompiled into the exact code is called Obfuscation. There is a lot of software available to Obfuscate the .NET assemblies. The below settings are related to confuserex.
- Download obfuscate software that is available online.
- Extract the zip and then run
- Select the EXE you want to protect.
- Once you are done makeup the directories and adding EXE, go to the Settings tab.
- Click on the button “+”, you will see “true” under Rules
- Click on the edit rule
- A new window will appear
- Click on the “+” button
- You can choose different ways to add levels of protection
- Select only with “Anti IL Dasm” and “Anti Tamper”(this is enough to make things hard to reverse engineer for decompilers).
- Click on Done
- Go to Protect tab
- Click on Protect button
- You can find the protected EXE in the output directory selected
ALL SET! Now you see your EXE cannot be decompiled anymore.
If you have any queries about this topic or have to get cybersecurity services and consultations against these serious cyber attacks. Feel free to contact us. AIRZERO SEC will always be your strong firewall. E-mail id: [email protected]
Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/