Skater .NET Obfuscator適合那些希望周期性地混淆.NET產品代碼的用戶。RustemSoft內部也在使用Skater，以保證所有RustemSoft .NET可執行文件和程序集的安全。命令行版本（運行在批量文件模式下）將更方便升級您的預定產品。先在一個圖形用戶界面版本中為一個程序集分配一些配置，這些配置將在批量混淆文件時使用。

Skater .NET Obfuscator功能介紹 | Skater .NET Obfuscator示例 | Skater .NET Obfuscator各種版本之間的區別

Skater .NET Obfuscator的主要功能

• 阻止逆向工程。

• 混淆后的應用程序一般不能反編譯。

• 可處理任何.NET應用程序、可執行文件和程序集。

• 可加密常量字符串。

• 兼容于任何.NET框架(1.0, 1.1, 2.0, 3.0, and 3.5)。

• 流量控制混淆可防范反編譯器和反混淆器。

• 可擾亂類名，方法名和字段名等。

• .NET授權功能。

• 為小的.NET應用程序提供.NET代碼擴展保護。

• 在一個dll或者exe文件中加入配置鏈接、鏈接器單元和.NET程序集。

應用程序漏洞、偷竊知識產權和收入損失是現今公司面臨的最大威脅。根據商業軟件聯盟（Business Software Alliance）的數據，世界范圍內，軟件盜版率達40%。

代碼混淆可有效地防止未授權的逆向工程。
任何軟件保護技術的主要功能是：檢測盜版行為（破解密碼或者篡改軟件）；這些破解密碼和篡改軟件的行為將使被保護的軟件降級到無檢測狀態，軟件保護技術還要防止這種降級情況的發生。

主要的混淆技術：

• 混淆私有和公共變量的名字
  擾亂類、方法、變量和其他程序集的名字。名字被混淆后，難以對程序集代碼實施反向工程。Skater的一些設置可生成防止反編譯的名字。

• 字符串加密
  字符串加密功能可對字符串數據類型值進行選擇加密。您也可對所有的字符串加密。可以混淆某些特殊的字符串。可以選擇某種加密方法對字符串加密，只有一些特別的字符串將被加密或混淆。

• 控制流混淆
  可阻擋反編譯器和反混淆器。通過打亂.NET方式（功能和程序）代碼，控制流混淆可阻止逆向工程。通過流量控制混淆算法，在程序集中的IL代碼將被打亂，在保護代碼時還會插入誘餌指示。控制流混淆方法實際上是將程序集轉換為“管道代碼”，黑客和反編譯工具更難入侵。

例子

先寫一段簡單的命令行應用程序，然后混淆它。下面兩段程序分別是VB.NET 和 C# 版的"Hello World!"程序（顯示字符串"Hello World!"）。實際上，除了顯示"Hello World!"，它還會顯示今天的日期和當下的時間。為了弄清混淆后會有何不同，我們還會加入兩個私有變量。

你可以看到四個高亮的成員名。兩個是私有變量名：today和str. Module1是類名。Main是一個簡單類中的唯一一個方法（method）名。現在我們開始在.NET環境中編譯這些簡單的代碼。編譯后，我們可以得到ConsoleApplication1.exe可執行文件。這個可執行文件中包含什么呢？為什么人們認為需要隱藏了.NET中的東西呢？

.NET Framework SDK中有一個反匯編器ILDasm，通過ILDasm，您可將.NET編譯語言反編譯為IL（.NET框架中的中間語言）程序集語言形式。在命令行中運行ILDasm，您就可以反編譯ConsoleApplication1.exe。下圖就是反編譯后的代碼。

這些IL腳本是不是很清晰，可以讀懂呢？也許，對于我們這些菜鳥，這些IL代碼確實難懂。但是對于那些真正懂得IL語言的技術專家，這些.NET源程序是小菜一碟。通過一些更高級的反編譯器將源代碼轉換為其他語言，這樣更多人能讀懂您的源代碼。更高級的反編譯器可以將.NET程序集直接反編譯為高級語言，如C#, VB .NET, 或者 C++.

現在，我們通過Skater .NET Obfuscator混淆這段ConsoleApplication1.exe可執行文件。在Skater Obfuscator中打開這個exe文件，進入用戶界面中的Options，然后選擇在'Naming Conventions'下的'Alpha-Numeric characters'。選擇所有混淆模式下的私人和公共成員。

當您運行混淆后的ConsoleApplication1.exe時，它的運行結果是一樣的。讓我們看看混淆后，這個簡單的程序里發生了什么變化。我們需要再次在ILDasm.exe中運行這個被混淆后的可執行文件（ConsoleApplication1.exe），然后我們可以得到下面IL腳本。

Skater .NET Obfuscator通過阿拉伯數字取代成員名，這使得代碼更難理解。但這沒什么了不起，每種混淆器都可以做到。每個人都可以用不同的阿拉伯數字取代名稱。ILasm.exe是另外一款.NET Framework SDK編譯器，可以將IL代碼編譯成可執行文件代碼。通過它，我們可以將被混淆的IL代碼反編譯成可執行文件。Skater .NET Obfuscator可以生成無法反編譯的可執行文件。下面是IL腳本。

可以看到，所有的成員名都被'?'代替。很明顯，上面的IL代碼無法編譯，即使編譯成了可執行文件也將無法正常運行。通過Skater .NET Obfuscator中的一些特殊設置，很容易得到這樣的IL代碼。只需進入混淆器界面中的Options，在'Naming Conventions'.下選擇'?' characters即可。

Skater .NET Obfuscator通過改變字節碼，將那些有意義的方式名（比如Main()）用隱藏名（比如'?'()）取代。這些新名也稱為亂碼名。雖然反編譯器還是可以將混淆后的字節代碼反向轉換，但是這些沒有意義的亂碼名極大地降低了新生成的源程序代碼的價值，而且代碼很難讀懂。這些亂碼名還有一個好處，當長的名字被簡短的名字代替時，編譯代碼的長度也變短了。

混淆成員名只是.NET程序集混淆過程中的第一步。為了更好的保護您的.NET應用程序，您還要使用Skater .NET Obfuscator中的其他功能和算法。

Skater .NET混淆器各種版本之間的區別比較：

.NET代碼保護可以防止.NET安裝源代碼進行再編譯（沒有改變其功能性），并隱藏.NET代碼的主要部分。對于需要利用.NET代碼保護功能的.NET程序開發者，標準版是一實惠的解決方案。基于標準版，軟件開發者可以：

• 名稱混淆

• 字符串加密

專業版除了具有標準版的功能外，還增加了字符串加密、控制流混淆和.NET鏈接程序集功能。

終極版為軟件開發者提供混淆器的所有功能。除了標準版和專業版的功能外，終極版還提供代碼擴展和.NET應用程序授權功能。

If you would like periodically obfuscate your .NET products the Skater .NET Obfuscator is for you. RustemSoft is using the Skater for internal needs securing all RustemSoft .NET executables and assemblies. Its command-line version running in batch mode is much useful for your scheduled products updates. You have to assign settings for an assembly in GUI version first. Then the batch obfuscate task will use the settings.

Main features of Skater .NET Obfuscator

• Prohibits reverse engineering
• Obfuscated application usually is not recompilable
• Processes any .NET application, executable or assembly
• Encrypts string constants
• Compatible with any .NET framework (1.0, 1.1, 2.0, 3.0, and 3.5)
• Control flow obfuscation stops decompilers and deobfuscators
• Scrambles class names, method names, field names etc.
• Provides .NET Licensing features
• Implements .NET Code Extension for small .NET applications protection.
• Implements assemblies linkage; linker unites .NET assemblies into a single dll or exe

Application vulnerabilities, Intellectual Property theft and revenue loss are among the most serious risks facing companies today. According to Business Software Alliance statistics, four out of every ten software programs is pirated in software business, world wide.

Code obfuscation is a form of software protection against unauthorized reverse-engineering.
 The chief functions of any software protection technique can be determined as detection of pirate attempts to decipher or tamper software, protection against such attempts and alteration of software to ensure that it functionality degrades in an undetectable manner if the protection fails.

Cardinal obfuscation techniques:

Private and Public members names obfuscation.
It scrambles names of classes, methods, variables, and other assembly members. It makes assembly code reverse engineering much harder by obfuscating names. Some Skater settings allow to generated names that will prevent recompilation.

String encryption.
The string encryption function allows you to select literal values of string data type to be encrypted. You may select all strings to be encrypted. Also you may mark some specific strings to obfuscate. You have choice to apply a cryptography method for the string encryption. Only specified strings will be encrypted /obfuscated.

Control Flow obfuscation intended to stop decompilers and deobfuscators from functioning correctly.
 Control Flow obfuscation subdues reverse engineering by scrambling .NET methods (functions and procedures) code. The Control Flow obfuscation algorithm distorts and reorders the IL code in the assembly, inserting bait branch instructions while preserving code semantics. This obfuscating essentially converts assembly method implementations into "spaghetti code", making interpretation by human hackers and decompiler tools much more difficult.

Example

Let's try to write a simple command-line application and then obfuscate it. The following console programs are the VB.NET and C# version of the "Hello World!" program, which displays the string "Hello World!" Actually it is not the traditional "Hello World!" and it displays in addition today's date and current time. We have added couple of private variables to see what happen when we obfuscate them.

You can see four highlighted members' names. Two are private variables' names today and str. Module1 is name of the class. Main is name of method that is single method in the simple class.
Now we are ready to compile the simple code in .NET environment. We may get ConsoleApplication1.exe executable file as a result of compilation. What is inside in the executable? Why do people say we need to hide our .NET stuff?

The .NET Framework SDK ships with a disassembler utility called ILDasm that allows you to decompile .NET assemblies into IL (Intermediate Language) Assembly Language statements. To decompile the ConsoleApplication1.exe file start ILDasm on the command line. Take a look what we got after the decompilation:

Everything looks pretty obvious and understandable in the IL script. Is not it? Right, it is hard to figure out the IL code for us more mortals. So if you are now guessing your .NET source code will be accessible only to a small circle of technical folks who actually know IL Assembly Language, think again. You can take this step further and actually recreate the source code by using some much sophisticated decompilers. These decompilation tools can decompile a .NET assembly directly back to a high level language like C#, VB .NET, or C++.

Ok, we are ready to obfuscate the sample ConsoleApplication1.exe executable by using Skater .NET Obfuscator. Open the exe file in Skater Obfuscator. In the Obfuscator interface go to Options tab and select 'Alpha-Numeric characters' under 'Naming Conventions'. Choose all Private and all Public members obfuscation mode.

When you run the obfuscated ConsoleApplication1.exe it produces the same result. Take a look what changed inside the simple program. We need to run the ILDasm.exe again against the new obfuscated executable and it will give us the following IL script:

Skater .NET Obfuscator just replaced member names with alpha-numeric combinations that makes harder to understand the code. However it is not so big trick and every Obfuscator can do that. Everyone can replace the alpha-numeric char combinations with some eye-friendly names. Moreover, by using ILasm.exe (one more .NET Framework SDK assembler utility that allows you to compile IL code back into an executable) we can easily recompile the obfuscated IL output and it will work without problems.
 Skater .NET Obfuscator can generate a non-recompilable executables. See the IL script below.

Sure, the presented above IL code can not be compiled or the compiled executable will not work well. As you can see all member names has the same single '?' character representation. We can get the result by using Skater .NET Obfuscator special settings. In the Obfuscator interface go to Options tab and select '?' characters under 'Naming Conventions'.

Skater .NET Obfuscator changes the bytecodes so that meaningful method names, such as Main(), could be presented as a cryptic names such as '?'(). This renaming is also known as name mangling. Although decompilers can still reverse-engineer obfuscated bytecodes, the meaningless names greatly reduce the value of the generated source code and make the code not understandable. The name mangling also has an interesting side effect: after obfuscation, when wordy, descriptive names are converted to shorter, simpler names, the total size of the compiled code shrinks.

The member names obfuscation is the very first essential step of .NET assembly obfuscation. You need to apply other Skater .NET Obfuscator methods and algorithms to better secure your .NET apps.

Skater .NET obfuscator is available in several editions presented in the table below:

The Standard Edition is an economical solution for .NET developers who need to utilize the .NET code protection that will prevent .NET assembly source code recompilation without changing its functionality and will hide the main points of your .NET code. With the Standard Edition, developers can do:

• Names mangling
• Strings encryption

In addition to options presented in Standard Edition by using the Professional Edition you will be able to implement Strings cryptography, Control Flow obfuscation, and .NET assembly linking.

Skater .NET obfuscator Ultimate Edition is a complete solution for developers who want to use the full gamma of obfuscator's features. In addition to options presented in Standard Edition and Professional Edition by using the Ultimate Edition you will be able to implement Code Extension, and .NET application licensing.