.net application encryption.

[Guest nicconics]

Is it possible, using either vb.net or c# to write an onload function that will decrypt the application itself? We used to use polymorphism when I was writing x86 computer virii in the early 90's, but I am not sure that this is possible using the CLR, since the applications themselves don't have a correct PE header. Does anyone know if anything like this is possible, other than using some form of obfuscation? I dont need it for any specific reason, I was just curious if it was possible to encrypt part of a program and decrypt it at run time. Thanks.

[M_Lyons10]

I may very well be wrong, but I think your only real option here would be obfuscation of the executable... It's the only solution I've ever actually found for this.

[SirEvan]

VS 2010 came with a free community edition of an obfuscator...it wasn't the greatest, but it was free and works relatively well for preventing RE'ing of your app. Check it out

edit: here you go: http://blogs.msdn.com/b/bethmassi/archive/2010/02/23/dotfuscator-gets-better-and-still-free-in-visual-studio-2010.aspx

[Guest nicconics]

Yeah I was thinking thats all there was. Since the apps dont have a correct PE header, something like pepack wont work. Thanks again.

[guitmz]

what you can do is create a dropper. you can use a host app to deploy another app line by line to a buffer and than compile that buffer into a executable.. .net allows inline compilation. you can crypt this code with some algorithm on droppers source and obfuscate the dropped exe, make random calls, inline calls, asm calls, dll calls or whatever to make harder to understand