How to protect .Net applications ? - Windows Mobile Software Development

Hi,
I know that there is a program called dotfuscator that simply obfuscates most of the code but I've been trying to use it without sucess.
My program has some external dependencies (like StedySoft.SenseSDK.dll) and everytime I try to obfuscate it it gives me an error :
Error encountered while loading module (C:\Users\projects\myproject\bin\Release\StedySoft.SenseSDK.dll). Não é possível ler para além do fim da sequência.
Build Error.
Click to expand...
Click to collapse
The second part of the error is in portuguese. Translating it to English it should say something like "Cannot read beyond the end of the sequence" (whatever that means).
How can I protect my application ?

Hi,
It looks like the supporting SenseSDK DLL is obfuscated with a tool (such as .NET Reactor) that breaks its ability to be processed in any way by other tools. This includes Dotfuscator - even if it is not an input assembly, you will not be able to obfuscate your application while referencing this DLL. You will notice that Reflector and even Microsoft's ildasm tool cannot read this file.
Since this is a library which is meant for others to reference, I would guess this breaking behavior is probably caused by a mistake in the DLL author's obfuscation settings. The only thing you can do is ask the DLL's author to either turn off the options that cause the obfuscator to make the output assembly non-verifiable, or to use a different obfuscation tool which produces verifiable output assemblies, such as Dotfuscator. Or you can forgo obfuscation of your application altogether.
Breaking the output assemblies in such a way is really quite pointless anyhow, since changing the byte at 0xF4 from 0x0F to 0x10 will allow the DLL to be loaded into Reflector successfully. From there, the IL code can be dumped to disk and recompiled into an unprotected DLL.
--Brandon Siegel

Thank you very much for your clear response. I'm going to try to contact the author.

Related

Fix "may not display properly" error with 2003 SE

Not sure how to do this myself, but I came across this snippet of info on how it should be done...
Windows Mobile 2003 Installation Warning
--------------------------------------------------------------------------------
Installing applications on the Windows 2003 2nd Edition results in the following warning being displayed during installation on the Pocket PC:
"The program you have installed may not display properly because it was designed for a previous version of Windows Mobile Software".
According to the Microsoft article at:
http://msdn.microsoft.com/library/d...dnwm2k3/html/screen_orientation_awareness.asp
you can prevent this warning from being displayed by adding the BuildMax key to your CEDevice section of the INF file as shown here:
[CEDevice]
VersionMin=3.00
VersionMax=4.99
BuildMax=0xE0000000
and then rebuilding the CAB files.
Click to expand...
Click to collapse
Hope this helps. I'm no expert at messing about with CAB files, but I'm going to see if I can figure this out.
I wouldn't call it an 'error'. Its actually a notification that the app you've installed wasn't designed for landscapre mode. Surely thats quite handy?
JD
not a good ideia....
iap... i don't think that's a good ideia because the warning is a good help in identifying potential conflicting apps.
I think it's nice to get rid of those msg's for cabs that you put in your extrom.
unfortenately Wince cab manager restricts Maximum os build to 0-999999
M4io said:
I think it's nice to get rid of those msg's for cabs that you put in your extrom.
unfortenately Wince cab manager restricts Maximum os build to 0-999999
Click to expand...
Click to collapse
All you need is this
[CEDevice] VersionMax value should be more than 4.21
So 999999 does not flag "may not display properly" error with 2003 SE :wink:
Shikra said:
All you need is this
[CEDevice] VersionMax value should be more than 4.21
So 999999 does not flag "may not display properly" error with 2003 SE :wink:
Click to expand...
Click to collapse
In practice I found that you have to set VersionMIN to 4.21 build 0
and VersionMax greater or equal to 4.21 build 0. I use VersionMax of 5.9 build 0 using WinCE CAB Manager v1.1.0.4 from OCP Software.
I'm a bit of a tinkerer, as many here are, so I keep playing with my extrom and hard-resetting.
I just thought it might be handy for people like me. I know there's quite a few people out there cooking their own extrom for WM2003SE.

NBH Util - Build, Sign & Extract NBH Files.

I like Dark Simpson's tool, but I always wanted an integrated tool to do the business... so here it is.
It lets you build an NBH, and sign it... if you untick the box then it will prompt you to select a certificate from your certificate store to sign with, otherwise it gets signed with the developer test cert... useful for testing of course.
Extraction of an NBH is quite fast since it just keeps portions cached in RAM until you want to dump them, this also means you're free to just extract constituent parts of the NBH as you desire rather than having to dump the whole thing.
the device configurations are in an XML file, it'll get extracted to the dir you run it from on first launch... eventually I'll make it possible to edit this from the app itself, for now, close the app and use your preferred text editor.
the beauty of the XML file is that you can list as many items as you like for constituent NBH parts, but please bear in mind they will go off the screen if you add a silly amount, but thus far I don't know of any devices in existence that could cause that.
UPDATE: found a small bug with the XML parser, fixed now
anyway, have at it:
thanks you very much
It's now my intention to begin introducing a shared certificate for everyone to utilise... I will slowly be replacing Hard-SPL with new versions that require the usage of a public signing certificate.
I will also be updating this so you can re-sign an already signed ROM
Thank you
Hi Oli,
In order to using your new certificate we should import your .pfx file into our private cert store. Am I correct? If I want to test another cert, it should be in the form of pfx file (including private and public key)?
Olipro said:
It's now my intention to begin introducing a shared certificate for everyone to utilise... I will slowly be replacing Hard-SPL with new versions that require the usage of a public signing certificate.
I will also be updating this so you can re-sign an already signed ROM
Click to expand...
Click to collapse
Excelent thanks
This looks useful.
Downloading.
Thank you
Rhodium version?
what´s the dependencies os NBH Util!?? i try on windows 7 and the program don´t convert the os to nbh!! framework??
tks
HI all
how can i extract the rom of my pda Airis T483, is there a log ? because mine is spanish and i need an english or frensh one ...
thanks a lot
Yup, seems windows 7 doesn't like the NBH util. And making the .exe run in XP SP3 mode makes no difference...
No new boot screens for me now.

[HD2] Find example multitouch code c#

Hi,
I have a question for you.
It's possible create with visual studio 2008, c# multitouch application?
If it's possible, have you a example code?
Thanks for your support
xoooox
Just take a look at my multitouch dll
www.scilor.com/hd2-leo-dotNetCfMultiTouchDLL.html
scilor,
I have two questions:
1) why i have to create a key on register? If i don't create a key on the my HD2 not view my application how multitouch? (enable multitouch?)
2) have you create a dll on c++? If the answer is YES, why on c# I not create a ovverride the WndProc function?
Thanks for your support
xoooox
(sorry for my english)
1)You will have to add you program to the multitouch whitelist
2)It is in C#/Vb.net and overrides the WndProc
You are able to write in any other language?! Spanish/German
Maybe try to write it "easy" in your native language and try to translate it with Google Translate
Download issues
Hi,
This looks very promissing!
I am interested in trying out the multitouch wrapper you created. http://www.scilor.com/hd2-leo-dotNetCfMultiTouchDLL.html
But, the download sites don't seem to work properly: Rapidshare is overloaded and the Upload.To site keeps defaulting to the premium download.
Can you post the package somewhere else?
Thanks.
Try to enable JavaScript and Cookies
Multihread and strong naming
Hi Scilor
I´ve tried to use jour .NET multitouch dll .. but when compiling i VS2008 i get the error Assembly generation failed -- referenced assembly 'SciLors-MultiTouch' does not have a strong name.
Researching for why it fails i found that the assembly must be recompiled with a strong name.
Could you please help ?
Regards,
Kasper
It should work, did you used my original dll?

Fixup (.reloc) section format in WinCE XIP

I feel completely lost.
Structure of FIXUP table in executable module extracted from XIP (I took cecompr.dll, but that does not matter) is something impossible to reverse engineer.
What I manage to find is that first word is "page RVA" (16 bit, can't find out why 16 bit is enough), then size (in bytes) of the following records.
But then I can't understand what is there, behind page rva and size. PE file description by Microsoft is not correct, I tried to use it, but it is not for WinCE and thus does not help at all.
Does anybody know how to parse .reloc section of WinCE module?
Maybe, there's some sources of greloc/mreloc/platformrebuilder around? I'll be grateful for any clues.

[SOLVED] Disassembling DLLs in WP7 firmware?

Hi there, first post but I could use some assistance.
I took the stock emulator image that's included with the dev tools and ran (I believe, this was a bit ago) viewbin.exe, cvrtbin.exe, and dumprom.exe on the image (basically the same technique that's used to dump the Zune firmware), resulting in all the files.
In particular, I'm looking to reverse engineer the MTPZ protocol, so I looked at MtpHandshakePlugin.dll which seems to be just what I need based on the strings contained within. When I load it into IDA Disassembler, IDA correctly finds strings and the exports and imports and what not. The problem is, it can't seem to find any function declarations or code. The only code it auto-analyzed was the start function, which was two instructions, the second instruction being a jump into a memory location it couldn't find. Prior to analysis IDA informed me that MIPS (the architecture of the image) supported memory mapping and that I could manually map addresses.
So, I assume that this jump address is memory mapped and I have to figure out where to map that to, after which IDA should be able to find all the code. The problem is, how do I know where to map the address to?
Long-ish post, I know, but any help would be much appreciated!
Hi,
Your problem is that IDA is using the wrong machine type. The DLL's are X86 from the emulator not ARM. You need to switch the machine type in the PE header to X86.
I typically just do this by hex editing the byte sequence C0 01 to 4C 01 but you can use any PE editor for this.
Ah, you are absolutely right. The thought crossed my mind earlier but I quickly dismissed it. Everything seems to be analyzed perfectly.
Thanks a ton!

Categories

Resources