Answered Prevent the hackers to hack your app

tester

Member
Joined
Sep 11, 2020
Messages
6
Programming Experience
3-5
I'm close to releasing my first app in c# and I want to know any tips for avoiding hacking
Thanks
 

Sheepings

Retired Programmer
Staff member
Joined
Sep 5, 2018
Messages
1,877
Location
UK
Programming Experience
10+
What type of app is it?

@jmcilhinney is right, you need to add more specifics. But from what I've found regarding this type of question being asked around the net. A lot of developers are reluctant to publicly share this information on what works for them. Obviously because them sharing the steps they perform to secure their applications, becomes public information and this in-turn helps those pesky little shits from reverse engineering your code, stealing it, and either pirating or reselling your work. But if you are a little more specific, I can suggest somethings you can do depending on what type of protection you want to implement.
I want to know any tips for avoiding hacking
Tell us more about what types of attacks or hacking you want to avoid?
 

tester

Member
Joined
Sep 11, 2020
Messages
6
Programming Experience
3-5
What type of app is it?

@jmcilhinney is right, you need to add more specifics. But from what I've found regarding this type of question being asked around the net. A lot of developers are reluctant to publicly share this information on what works for them. Obviously because them sharing the steps they perform to secure their applications, becomes public information and this in-turn helps those pesky little shits from reverse engineering your code, stealing it, and either pirating or reselling your work. But if you are a little more specific, I can suggest somethings you can do depending on what type of protection you want to implement.

Tell us more about what types of attacks or hacking you want to avoid?

Being more specific, at the start of the app, there is a login form, it runs a hidden web browser with a php script url to my website consulting if the user is registered, returning also his subscription type, this value is stored in the app as a number and is what I want to protect to avoid change intentionally because this value makes the app run into trial o full mode
 

Sheepings

Retired Programmer
Staff member
Joined
Sep 5, 2018
Messages
1,877
Location
UK
Programming Experience
10+
It would appear you have gone about this in the worst possible way. And why are you using a web browser control with a php script?

There are better approaches and ones which are more secure. Something similar to this example : Using WebClient or WebRequest to login to a website and access data

So basically, after you change your code to using a web client instead, you can then start looking at obfuscation software. You should however note, that just because something can be obfuscated, this does not mean it can not be reversed. It's still worth obfuscating your source anyway, as it makes it harder for those pesky sniffers to read the source. Microsoft provide Dotfuscator Community - Visual Studio however, there are also other suggestions found here : Which tool is best for obfuscation? - (See answer by ankit.nagpal).

You can also find a list of obfuscating choices here : .NET Obfuscators : C# 411

A smart man once told me. " Whatever man can make; man can break. " Nothing truly offers rock solid security when it comes to source code and reverse engineering.

Hope this helps.
 

Sheepings

Retired Programmer
Staff member
Joined
Sep 5, 2018
Messages
1,877
Location
UK
Programming Experience
10+
You're welcome.

If you have any questions, or if you need to brainstorm any ideas, we are happy to bang our heads together and try come up with some new suggestions for you. But as I said, there is no one way - one program which will protect your source code. It's something I actively research, so I can try to stay on top of for security sake. Security is never guaranteed even with obfuscation.
 

astro

New member
Joined
Dec 28, 2020
Messages
1
Programming Experience
1-3
In my Opinion NO APP CAN BE COMPLETELY PROTECTED especially C# its reversable u can see the real code by just using tools like [REDACTED] and [REDACTED] most obfsuctors can be Deobfsucated using [REDACTED] and if it fail reverse engineers can understand ur obfsucation algorithm and Deobfsucate every obfsucation algorithm has been broken even VMprotect which by obfsucation technology standards the most secure and complex obfsuctor even this many tools has been released to Deobfsucate it so no way to completely protect ur app sadly

Mod edit : Lets not make it easy to help script kiddies reverse engineer peoples program creations. Names redacted.
 
Last edited by a moderator:
Top Bottom