Writing for obfuscation #2  
Jeff Key
11/11/2002 7:51:21 PM 
Hi,

Since all public members generally can't have obfuscated names, it's
easy for someone to look at decompiled code and get some value out of
public methods, especially if the names are descriptive.  I've gone
through my project and made all public methods entrypoints to the
application that immediately call private members; ie, there is no real
code in any methods that have unobfuscated names.

For example:

public class A {
	public int DoSomething(int a, int b) {
		return a + b;
	}
	public int DoSomethingElse(int a, int b) {
		return a * b;
	}
}

When run through an obfuscator, you'll wind up with something like the
following, when viewed from a decompiler:

public class A {
	public int DoSomething(int $, int $) {
		return $ + $;
	}
	public int DoSomethingElse(int $, int $) {
		return $ * $;
	}
}

Event when decompiled, it's pretty obvious what's being done.  When
calling unobfuscated members of other classes, code is easy to follow,
even when obfuscated.  (Since the BCL isn't obfuscated, using anything
in it is totally readable in your obfuscated assembly.)

By making public methods entrypoints, you're adding another layer that
makes the code much less readable.  Take the following (note the
visibility of the new methods):

public class A {
	public int DoSomething(int a, int b) {
		return DoSomethingPrivate(a, b);
	}
	private int DoSomethingPrivate(int a, int b) {
		return a + b;
	}
	public int DoSomethingElse(int a, int b) {
		return DoSomethingElsePrivate(a, b);
	}
	private int DoSomethingElsePrivate(int a, int b) {
		return a * b;
	}
}

When obfuscated, you're left with:

public class A {
	public int DoSomething(int $, int $) {
		return $($, $);
	}
	private int $(int $, int $) {
		return $ + $;
	}
	public int DoSomethingElse(int $, int $) {
		return $($, $);
	}
	private int $(int $, int $) {
		return $ * $;
	}
}

Both public methods appear to call the same private method and both
privates have the same signature.  Obviously the effect is much more
apparent on real-world classes.

Anyone else have fun obfuscation tips/hints/etc?

-jk
Back to dotnet