Page 1 of 1

How to protect .NET (Core) application?

Posted: Tue Nov 23, 2021 4:59 am
by Klobi
On main site it says it supports .NET (Core) but I cannot get a protected app to run. A .NET 6 (former known as .NET Core) application, just like on .NET Core 3.1, has

[*]the .NET DLL file
[*]a native host executable

If I protect the .NET dll file the native host executable cannot launch it, because its no longer .NET. Protecting the native host executable is kinda useless since all the code is within the .NET dll file. I can also publish my .NET app as a single file + self contained which generates a large 130mb single executable. But after protecting it its only a 5mb large executable, it seems that it has removed all the bundled .NET files from the single file.

So my question since there is nothing about this in the documentation: How to protect a .NET (6 / 5 / Core 3.1) application?

Re: How to protect .NET (Core) application?

Posted: Tue Nov 23, 2021 6:41 am
by Admin
If I protect the .NET dll file the native host executable cannot launch it, because its no longer .NET.
Could you send us a test example (original EXE/DLL/CGF/VMP binaries) that shows this problem?

Re: How to protect .NET (Core) application?

Posted: Tue Nov 23, 2021 5:01 pm
by Klobi
Yes, I've attached a .NET 6 app. Because of file size this is not published as self contained so you must install .NET 6 Runtime: https://dotnet.microsoft.com/download/d ... -installer

As you can see my .NET test application is the WpfApp10.dll file. WpfApp10.exe is the native host which checks for .NET 6 runtime, then host and launch the dll file. I need to basically protect the WpfApp10.dll file and it should still get launched via WpfApp10.exe but its not. With .NET 3.1 Core and still with .NET 6 there are no .NET executables anymore. Its always the bundle of .NET dll and native host executable. As I said before I can publish as single file (this sadly requires to also publish as self contained so I cannot attach it as it would be 130mb large but I can share project files and tell you how to generate this single file). As far as I know single file just embeds all the .NET files into the native host application and then load them from memory on start. Protecting such a single file however removes all the embedded .NET files. So this doesn't work as well.

Re: How to protect .NET (Core) application?

Posted: Tue Nov 23, 2021 5:33 pm
by Admin
The .NET 6 Runtime was installed, but your application still shows the following error:
---------------------------
WpfApp10.exe
---------------------------
To run this application, you must install .NET Desktop Runtime 6.0.0 (x64).

Would you like to download it now?
---------------------------
Yes No
---------------------------

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 7:46 am
by Klobi
Bummer, I don't know what happened. Try with the new attachment.

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 7:57 am
by Admin
We tested your latest example and it works fine after protection.

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 8:46 am
by Klobi
You are right, now it also works fine here. My main application now also works except of:
  • "Pack the output file" is checked. In this case I don't even get the demo messagebox of VMP on start. Nothing happens if I double click the executable the process just disappears in task manager
  • "Strip debug symbols" is checked. It says:

    Code: Select all

    Can't resolve assembly: System.Security.Cryptography.Algorithms, Version=0.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
    but this file exist in the output directory.
I figured out its because of using Eazfuscator as .NET obfuscator. Only using VMP as protection there still an issue with using "Strip debug information" as I'm getting this after the VMP demo messagebox:

Code: Select all

System.Windows.Markup.XamlParseException: The method or operation is not implemented.
 ---> System.NotImplementedException: The method or operation is not implemented.
   at System.Windows.Baml2006.Baml2006SchemaContext.ResolveBamlType(BamlType bamlType, Int16 typeId)
   at System.Windows.Baml2006.Baml2006SchemaContext.GetXamlType(Int16 typeId)
   at System.Windows.Baml2006.Baml2006SchemaContext.GetProperty(Int16 propertyId, XamlType parentType)
   at System.Windows.Baml2006.Baml2006Reader.Process_PropertyWithConverter()
   at System.Windows.Baml2006.Baml2006Reader.Process_OneBamlRecord()
   at System.Windows.Baml2006.Baml2006Reader.Process_BamlRecords()
   at System.Windows.Baml2006.Baml2006Reader.Read()
   at System.Windows.Markup.WpfXamlLoader.TransformNodes(XamlReader xamlReader, XamlObjectWriter xamlWriter, Boolean onlyLoadOneNode, Boolean skipJournaledProperties, Boolean shouldPassLineNumberInfo, IXamlLineInfo xamlLineInfo, IXamlLineInfoConsumer xamlLineInfoConsumer, XamlContextStack`1 stack, IStyleConnector styleConnector)
   at System.Windows.Markup.WpfXamlLoader.Load(XamlReader xamlReader, IXamlObjectWriterFactory writerFactory, Boolean skipJournaledProperties, Object rootObject, XamlObjectWriterSettings settings, Uri baseUri)
Does VMP supports WPF / Mvvm applications?

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 9:56 am
by Admin
Are you a registered user of VMProtect?

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 2:07 pm
by Klobi
No I am evaluating the demo version of VMP, seeing if it works at all. Because if it doesn't work there is no reason to purchase.

Re: How to protect .NET (Core) application?

Posted: Wed Nov 24, 2021 2:15 pm
by Admin
Are you sure that you try the latest demo version (3.5.1.1343)? It seems you use 3.5.0 or older version because the latest demo version works with your latest example without any problems.

Re: How to protect .NET (Core) application?

Posted: Thu Nov 25, 2021 8:25 pm
by Klobi
Yes I am using 3.5.1 build 1343. The error from last post comes from my real application, not the sample application I've posted here.

Re: How to protect .NET (Core) application?

Posted: Fri Nov 26, 2021 5:48 am
by Admin
So you have to send us new test example.