|
Couple of problems here:
1) This is not a good question - we cannot work out from that little what you are trying to do.
Remember that we can't see your screen, access your HDD, or read your mind.
At a guess, you are trying to write a "bible search" program - but that's all I get.
2) Don't post links to images: most people won't follow them because they have no idea what they will find on the other end. Describe your problem in detail instead. (This is a very worthwhile thing to do anyway: you frequently find the solution just by a process of meticulously documenting the problem!)
3) If you are going to post a link for people anywhere, make sure that anybody can open it. You link requires me to sign in as you in order to access the image...
4) Tell us what you have tried; where you are stuck; what help you need. Don't assume we know the context of your application, because we don't! And your app is probably in C# (or you wouldn't post here) but it could be webapp, website, winforms, WPF... it could use SQL Server, MySQL, SQLite, Access, XML, text, CSV ... we do not know. You need to tell us the relevant facts around your project in order to get a meaningful answer.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I just started learning about client server architecture. And I want to create client server application which can send request and receive response. Firstly I want to do communication between client server without any security. Later I want to add Open SSL to my application and check the security level. Is it possible? What is the best way or example to create Http client server application? Any suggestion or Help or reference?
|
|
|
|
|
This is not a question that can be easily answered in a technical forum; you should use Google to find samples of the various parts you are interested in. Here is one to get you started: HttpWebRequest/Response in a Nutshell - Part 1[^].
|
|
|
|
|
Hi, recetly, i found .net code .exe file can be decompile easily ,and other one can get your code in detail ,but my code has some secret,so i don't hope other one can decompile my code easily.
how can i do it?
|
|
|
|
|
You can't, and your code should not contain secrets.
You can make it "harder" to read by obfuscating it; that means that it will take me more time to read it.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
All security is really about is making something more difficult. The best you can hope for is to make the cost of acquisition higher than the value of acquisition.
"There are three kinds of lies: lies, damned lies and statistics."
- Benjamin Disraeli
|
|
|
|
|
Nathan Minier wrote: The best you can hope for is to make the cost of acquisition higher than the value of acquisition. For a hobbyist, cost is zero; I can remember how many games were pirated, not too long ago - often within days of release, and that was usually not done using .NET reflection
Given the "genuine" application, I'd say that even Microsoft lost that battle.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
You can try various obfuscation tools that make your code much less readable; some of the expensive ones (and, I mean very expensive) claim to make it extremely hard to reverse-engineer code. But, all .NET apps are to a large extent accessible.
To really get security you need to use extra measures, which may include hardware dongles, or installation software that binds your app to machine specific identification and limits its use.
I suggest you start exploring some of these sites: [^].
«There is a spectrum, from "clearly desirable behaviour," to "possibly dodgy behavior that still makes some sense," to "clearly undesirable behavior." We try to make the latter into warnings or, better, errors. But stuff that is in the middle category you don’t want to restrict unless there is a clear way to work around it.» Eric Lippert, May 14, 2008
|
|
|
|
|
You're mixing up two subjects here: Protection against reverse engineering (which is what the OP is asking for) and license enforcement. Dongles and hardware keys don't protect against reverse engineering.
If the brain were so simple we could understand it, we would be so simple we couldn't. — Lyall Watson
|
|
|
|
|
Hi Sascha,
I see your point, but I think my including hardware protection is relevant; if you can't install the whatever containing the code, doesn't that help protect against reverse engineering ?
An academic issue, I know, since skilfully hackers regularly crack the most supposedly secure code and sites in the world.
cheers, Bill
«There is a spectrum, from "clearly desirable behaviour," to "possibly dodgy behavior that still makes some sense," to "clearly undesirable behavior." We try to make the latter into warnings or, better, errors. But stuff that is in the middle category you don’t want to restrict unless there is a clear way to work around it.» Eric Lippert, May 14, 2008
|
|
|
|
|
If someone can reverse engineer your code, they can remove the Hardware lock validation code from that.
|
|
|
|
|
Hi Bill,
I see two reasons against considering hardware keys as a reverse engineering measure: You wouldn't be able to offer demo versions of your software and buying a license of your software wouldn't be a hindrance to those who think they could really benefit from reverse engineering your software.
cheers, Sascha
If the brain were so simple we could understand it, we would be so simple we couldn't. — Lyall Watson
|
|
|
|
|
To elaborate a bit on what Eddy and Bill said: There are different so called obfucscator tools which will take your compiled .NET binaries and apply various kinds of transformations which don't (or: shouldn't) alter the programs behaviour but make the reverse engineering process harder. Ref: Obfuscation (software) - Wikipedia, the free encyclopedia[^] (also follow the links under the section "See also"). Those transformations differ in the increase of required effort for reverse engineering. They can be combined. They can have negative side-effects like braking .NET reflection (or requiring it to be programmed differently) or rendering exception stack-traces useless (because unreadable) unless the obfuscator provides a helper tool to make the stack-trace readable again. The pinnacle (to my knowledge) of those obfuscation methods is code-virtualization[^] which has the drawback of slowing down the code execution. No obfuscation method or combination thereof reliably protects your code against reverse engineering, they just make it harder. And, obviously, the tools vary in price, from free to some thousand bucks. Theoretically, the important question would be: How much effort do you think would someone interested in your source code be willing to invest into reverse engineering? If the required effort exceeds the effort to write a similar software from scratch then they will rather write their own software. Unfortunately, I can't help with estimating the required effort for reverse engineering code protected by this or that obfuscation method as I'm not a "hacker". My best advice is to read up on the various obfuscation methods and develop some sort of gut-feeling for which tool might suffice for you.
If the brain were so simple we could understand it, we would be so simple we couldn't. — Lyall Watson
|
|
|
|
|
Member 12431039 wrote: how can i do it? Basically, you can't because ultimately, your code will have to conform to a defined language in order to run.
All you can do is make it more difficult to read after decompiling.
With enough will and mean, absolutely anything can be decompiled.
Patrice
“Everything should be made as simple as possible, but no simpler.” Albert Einstein
|
|
|
|
|
Software as a service.
Put your "secrets" in the cloud and provide an API that requires credentials to access your "secret functions"; whether via desktop, mobile or browser.
|
|
|
|
|
Next question; "How do I stop people using tools like Fiddler?"
|
|
|
|
|
The "algorithms" run on the server.
I don't give a twit about the transmission.
|
|
|
|
|
It depends what kind of secrets you are talking about.
If you mean that you have written the best algorithm ever, and don't want people to be able to copy it then you are out of luck. As stated in other answers, you can make it more difficult but not really prevent it.
If you mean you have stored a password or other secret user information, the answer is don't do it.
Passwords should be hashed in a proper way and other information is better kept on a secure server.
|
|
|
|
|
Hi,
I tried to send a message to other user on
modified 14-May-16 22:09pm.
|
|
|
|
|
Just login and post already.
By the time you get this going ... old news is no news.
|
|
|
|
|
Are you sure that the password goes into the URL, without any obfuscation or encryption?
I'd expect a cooky to be passed or similar, not having a password in the browser-history
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I use pictureBox, when my mouse is near a existing point in range which i defined, i want to set mouse on the existing point.
I use:
Cursor.Position = pictureBox1.PointToScreen(Point.Round(point));
pictureBox1.PointToScreen need point pix as a int,but my variable point is a float, where use PointToScreen, i found that the Cursor.Position is not on my existing point because of float to int convertor.
How can i realize this function accuracy?
|
|
|
|
|
Point.Round converts a PointF to a Point - it rounds up / down fractions of a float to the integer equivalent. It doesn't "round" to a "point in a range" it just converts (1.3, 2.7) to an integer (1, 3)
Since the cursor can't move to "parts of a pixel" it won't have any significant effect on the cursor position on it's own!
So show us what you do to create the PointF and explain why you think that should move the mouse to "near a range" and what it does do.
[edit]Typos[/edit]
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
oh, I want to do one effect like AutoCad snap function. I have drawn some graphics, and each graphic have hitpot point, when my mouse is near one point, i hope my mouse can snap it to get the same position.
|
|
|
|
|
You can do it, it's not complex - at least in a simple version:
private Point hotSpot = new Point(50, 50);
private Point lastSnap = new Point(-100, -100);
private void myPictureBox_MouseMove(object sender, MouseEventArgs e)
{
PictureBox pb = sender as PictureBox;
if (pb != null)
{
Point p = e.Location;
int nearX = Math.Abs(p.X - hotSpot.X);
int nearY = Math.Abs(p.Y - hotSpot.Y);
if (nearX <= 10 && nearY <= 10)
{
if (lastSnap != hotSpot)
{
lastSnap = hotSpot;
Cursor.Position = pb.PointToScreen(hotSpot);
}
}
else
{
lastSnap = new Point(-100, -100);
}
}
}
It's not perfect - you probably want to tweek it quite a bit to get it comfortable for the user - but it's a start!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|