将 C# 编译为 Native?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/1921656/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Compiling C# to Native?
提问by mrduclaw
I think I'm somewhat confused about compiling .NET byte-code to native code, or maybe I'm confused about the end result. So please bear with me as I try to sort through what I think I understand so you can help me figure out what I'm missing.
我想我对将 .NET 字节码编译为本机代码有些困惑,或者我对最终结果感到困惑。因此,请耐心等待我尝试整理我认为我理解的内容,以便您帮助我弄清楚我遗漏了什么。
What I'd like to do is compile my application written in C# down to regular native codelike I'd get if I had written it in C. My reasoning has nothing to do with performance, but rather with some degree of protection. I understand that my end-goal is not impossible (or even really that difficult) to circumvent, but I just feel like reversing x86 assembly is more difficult than reversing what Reflector gives me.
我想做的是将我用 C# 编写的应用程序编译成常规的本机代码,就像我用 C 编写的那样。我的推理与性能无关,而是与某种程度的保护有关。我知道我的最终目标并非不可能(甚至真的那么难)规避,但我只是觉得逆转 x86 汇编比逆转 Reflector 给我的东西更困难。
Right now if I throw my C# application into Reflector, I basically get my source-code back. Typically when I throw my unmanaged C/C++ applications into IDAPro and use the HexRays decompiler, I don't quite get the same degree of decompilation back and I have to resort to wading through x86 disassembly to understand the logic flow. It's my understanding that such great decompilation comes from Reflector due to the application being in MSIL instead of the more terse native code that HexRays tries to decompile.
现在,如果我将我的 C# 应用程序放入 Reflector,我基本上可以得到我的源代码。通常,当我将我的非托管 C/C++ 应用程序放入 IDAPro 并使用 HexRays 反编译器时,我并没有完全得到相同程度的反编译,我不得不求助于 x86 反汇编来理解逻辑流程。我的理解是,如此出色的反编译来自 Reflector,因为应用程序位于 MSIL 中,而不是 HexRays 试图反编译的更简洁的本机代码。
I have no concerns about the client machine still needing the .NET runtimes, I'm not trying to circumvent any of that. I would like to run normal software obfuscation programs like upxon my program, and doing it as a .NET binary fails.
我不担心客户端机器仍然需要 .NET 运行时,我不想规避任何这些。我想像upx在我的程序上一样运行普通的软件混淆程序,并且在 .NET 二进制文件失败时这样做。
It was my understanding from thisrelated question that ngendoes what I want. I've tried using ngen. But after copying the output file from the C:\Windows\assemblies\...\applicationName.ni.exedirectory to somewhere I can double-click, and trying to run it produces an error about it not being "a valid Win32 application". Further, when I toss the applicationName.ni.exeinto Reflector, I get the same output as I did from just the applicationName.exe. Since applicationName.ni.exeis supposed to be native code, I expected Reflector to error out, but it didn't. If this the way I'm supposed to do this, why did Reflector still give me such a great decompilation?
我对这个相关问题的理解ngen是我想要的。我试过使用ngen. 但是在将输出文件从C:\Windows\assemblies\...\applicationName.ni.exe目录复制到某个地方后,我可以双击,并尝试运行它会产生一个错误,提示它不是“有效的 Win32 应用程序”。此外,当我将它applicationName.ni.exe扔进 Reflector 时,我得到的输出与仅从applicationName.exe. 由于applicationName.ni.exe应该是本机代码,我希望 Reflector 出错,但它没有。如果这是我应该这样做的方式,为什么 Reflector 仍然给我这么好的反编译?
So, just to summarize my main question again: How can I compile my .NET program into a native binary that Reflector won't so easily decompile? Or what's some best practices for protecting a product written in a .NET language from newbie reverse-engineers?
所以,再次总结一下我的主要问题:如何将我的 .NET 程序编译成 Reflector 不会那么容易反编译的本机二进制文件?或者什么是保护用 .NET 语言编写的产品免受新手逆向工程师攻击的最佳实践?
If I need a different tool, I'd prefer something free and not something like Codewall.
如果我需要不同的工具,我更喜欢免费的东西,而不是像Codewall这样的东西。
Thanks!
谢谢!
UPDATE:I understand that what I'm looking for might limit some of the features of the language like Reflection, but I think I'm fine with that. None of my code does any explicit Assembly.Loadcalls or anything of the sort. But couldn't those just be replaced with GetProcAddress/LoadLibrarycalls anyway?
更新:我知道我正在寻找的可能会限制该语言的某些功能,例如 Reflection,但我认为我对此没有意见。我的代码都没有执行任何显式Assembly.Load调用或任何类似的操作。但无论如何不能用GetProcAddress/LoadLibrary电话代替吗?
采纳答案by Sivx
I just validated.Net Nativeon VS2015& Windows 8.1(when configured correctly, examine .proj to validate) and building for a particular architecture (may be overkill, haven't validated), will produce a native file which will give you the "harder to reverse engineer" code you are looking for which for me was unabled to read .dllvia DotPeek(free .Net decompiler from JetBrains).
我刚刚在VS2015和Windows 8.1上验证了.Net Native(如果配置正确,请检查 .proj 进行验证)并为特定架构构建(可能有点矫枉过正,尚未验证),将生成一个本机文件,该文件将为您提供“更难逆向工程“您正在寻找的代码对我来说无法通过DotPeek读取.dll(来自 JetBrains 的免费 .Net 反编译器)。
回答by plinth
If you want to protect your code, an obfuscator is the typical approach. Dotfuscatorhas been in an arms race with reflector for a while and we use it on our products. In practice, however, a skilled human can easily read obfuscated code.
如果您想保护您的代码,混淆器是典型的方法。 Dotfuscator与反射器的军备竞赛已经有一段时间了,我们在我们的产品中使用它。然而,在实践中,熟练的人可以轻松阅读混淆代码。
Compiling to native code defeats the purpose of having a managed language. The main benefit is to allow the target runtime to JIT the IL into something that is optimally palatable for the target CPU. If you want otherwise, you would use something like the ahead-of-time option in mono.
编译为本机代码违背了拥有托管语言的目的。主要的好处是允许目标运行时将 IL 转换为最适合目标 CPU 的东西。如果需要,您可以在 mono 中使用诸如提前选项之类的东西。
回答by MSalters
NGEN adds native code, but it does not remove the MSIL. Therefore, any tool operating on the MSIL can still work. You also need this for reflection, something that would be very hard for a true native compiler.
NGEN 添加了本机代码,但不会删除 MSIL。因此,任何在 MSIL 上运行的工具仍然可以工作。您还需要它进行反射,这对于真正的本机编译器来说是非常困难的。
回答by Hans Passant
That's not how ngen.exe works. It merely runs the JIT compiler up front to generate the .ni.exe or .ni.dll module. That binary file does not contain metadata, only the machine code generated from the IL for the method bodies. The CLR still must find the original assembly. Only then can it determine that there is an ngen-ed image available so that it can use the machine code from it rather than generate it from the assembly's IL.
这不是 ngen.exe 的工作方式。它只是预先运行 JIT 编译器来生成 .ni.exe 或 .ni.dll 模块。该二进制文件不包含元数据,仅包含从 IL 为方法主体生成的机器代码。CLR 仍然必须找到原始程序集。只有这样它才能确定有一个可用的 ngen-ed 映像,以便它可以使用它的机器代码,而不是从程序集的 IL 生成它。
Ngen.exe speeds up the warm startup time of your app, that's all.
Ngen.exe 加快了应用程序的热启动时间,仅此而已。
My usual advice to anybody that might be interested in disassembling my assemblies is to point them to sourceforge.net. It has terabytes of source code, written and maintained by programmers that are usually better than me. Sometimes even with good comments. If your obfuscator doesn't work well then shop around for a better one. There are many.
对于可能对反汇编我的程序集感兴趣的任何人,我通常的建议是将它们指向 sourceforge.net。它有数 TB 的源代码,由通常比我优秀的程序员编写和维护。有时甚至有好的评论。如果您的混淆器不能很好地工作,那么请四处寻找更好的。有许多。
回答by dkackman
Spoon (previously Xenocode) has a product that might fit your needs. We use it for a WPF based installer UI so we don't have to bootstrap .net in order to load the setup program itself.
Spoon(以前称为Xenocode)有一款产品可能适合您的需求。我们将它用于基于 WPF 的安装程序 UI,因此我们不必引导 .net 来加载安装程序本身。
回答by Brian Genisio
I might step back and ask why you are looking for this type of protection. I'm not trying to argue that you don't need the protection, but I think it is worth understanding the motivation.
我可能会退一步问你为什么要寻找这种类型的保护。我并不是要争辩说您不需要保护,但我认为值得了解动机。
For instance, if you want protection because you have an algorithm in your system where it would be devastating to security if someone reverse-engineered it, then you might need to consider a different approach. It means there is a flaw in the algorithm and no amount of obfuscation or native compiling will help you there.
例如,如果您想要保护是因为您的系统中有一个算法,如果有人对其进行逆向工程,这将对安全性造成破坏性影响,那么您可能需要考虑不同的方法。这意味着算法存在缺陷,再多的混淆或本机编译都无济于事。
If is a matter of IP, then I think obfuscation is probably your best approach here. It is kind of like putting a lock on your door. Someone can break the lock and get in, but they are intentionally doing it as opposed to just walking in the door.
如果是 IP 问题,那么我认为混淆可能是您最好的方法。这有点像在你的门上放一把锁。有人可以打破锁并进入,但他们是故意这样做的,而不是只是走进门。
回答by chris
this is a free obfuscator, which is quiet good: eazfuscator
这是一个免费的混淆器,很安静: eazfuscator
回答by Tuomas Laakkonen
This is possible using the IL2CPU compiler. IL2CPU is developed by the same people who make COSMOS (C# Open Source Managed Operating System) and is only available by downloading cosmos. IL2CPU produces ASM files which can be compiled through Nasm (some other assemblers may work but it is best to use nasm). the only problem with IL2CPU is that it is built in to the Cosmos Project and it is quite difficult to get it to run on its own.
这可以使用 IL2CPU 编译器实现。IL2CPU 是由制作 COSMOS(C# 开源管理操作系统)的同一个人开发的,并且只能通过下载 cosmos 获得。IL2CPU 生成可以通过 Nasm 编译的 ASM 文件(其他一些汇编程序可能工作,但最好使用 nasm)。IL2CPU 的唯一问题是它内置在 Cosmos 项目中,很难让它自己运行。
回答by Dаn
Yesterday, at Build 2014, Microsoft announced .NET Native. According to the FAQ, "... Initially, we are focusing on Windows Store apps with .NET Native. In the longer term we will continue to improve native compilation for all .NET applications."
昨天,在Build 2014 上,微软宣布了.NET Native. 根据常见问题解答,“......最初,我们专注于使用 .NET Native 的 Windows Store 应用程序。从长远来看,我们将继续改进所有 .NET 应用程序的本机编译。”
回答by Amir
This is finally possible using Microsoft's .NET Native compiler
这最终可以使用 Microsoft 的 .NET Native 编译器实现
It automatically compiles the release version of apps that are written in managed code (C# or Visual Basic) and that target the .NET Framework and Windows 10 to native code.
它会自动将使用托管代码(C# 或 Visual Basic)编写且面向 .NET Framework 和 Windows 10 的应用程序的发布版本编译为本机代码。
..
..
?Your apps will provide the superior performance of native code.
?You can continue to program in C# or Visual Basic.
?You can continue to take advantage of the resources provided by the .NET Framework, including its class library, automatic memory management and garbage collection, and exception handling.
For users of your apps, .NET Native offers these advantages:
?Fast execution times
?Consistently speedy startup times
?Low deployment and update costs
?Optimized app memory usage
But .NET Native involves more than a compilation to native code. It transforms the way that .NET Framework apps are built and executed. In particular:
?During precompilation, required portions of the .NET Framework are statically linked into your app. This allows the app to run with app-local libraries of the .NET Framework, and the compiler to perform global analysis to deliver performance wins. As a result, apps launch consistently faster even after .NET Framework updates.
?The .NET Native runtime is optimized for static precompilation and thus is able to offer superior performance. At the same time, it retains the core reflection features that developers find so productive.
?.NET Native uses the same back end as the C++ compiler, which is optimized for static precompilation scenarios.
?您的应用程序将提供本机代码的卓越性能。
?您可以继续使用 C# 或 Visual Basic 进行编程。
?您可以继续利用 .NET Framework 提供的资源,包括其类库、自动内存管理和垃圾回收以及异常处理。
对于您的应用程序用户,.NET Native 提供以下优势:
?快速的执行时间
?始终如一的快速启动时间
?低部署和更新成本
?优化应用内存使用
但是 .NET Native 不仅仅涉及对本机代码的编译。它改变了 .NET Framework 应用程序的构建和执行方式。特别是:
?在预编译期间,.NET Framework 的必需部分静态链接到您的应用程序中。这允许应用程序与 .NET Framework 的应用程序本地库一起运行,并且编译器可以执行全局分析以提供性能优势。因此,即使在 .NET Framework 更新之后,应用程序也始终以更快的速度启动。
? .NET Native 运行时针对静态预编译进行了优化,因此能够提供卓越的性能。同时,它保留了开发人员认为非常高效的核心反射功能。
?.NET Native 使用与 C++ 编译器相同的后端,针对静态预编译场景进行了优化。
https://msdn.microsoft.com/en-us/library/dn584397(v=vs.110).aspx
https://msdn.microsoft.com/en-us/library/dn584397(v=vs.110).aspx
This is only available with VS.NET 2015.
这仅适用于 VS.NET 2015。
