Does shipping PDB file make obfuscation useless in .net?
https://stackoverflow.com/questions/7243569
-
16-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
If I obfuscate a vb.net assembly using Eazfuscator with symbol names encryption turned on (so that I can use the Eazfuscator stack trace decoder), is this effectively undone if I ship the PDB file? I want to ship the PDB file so that I get line numbers in stack traces that are sent back to me in error reports.
I know I can get line numbers by keeping the PDB file for the shipped version but this is an extra layer of complexity that I don't need right now, I will implement this in the future. I just want to make sure I am not effectively shipping non-obfuscated code by including the PDB file.
Thanks in advance for any advice.
La solution
PDBs don't contain actual code. But I have a strong feeling that after obfuscation PDB will be incompatible with binary. Here is what located inside PDB:
- Public, private, and static function addresses
- Global variable names and addresses
- Parameter and local variable names and offsets where to find them on the stack
- Type data consisting of class, structure, and data definitions
- Frame Pointer Omission (FPO) data, which is the key to native stack walking on x86
- Source file names and their lines
As far as I understand obfuscation will ruin things like non-public types, methods, parameters etc. So if it doesn't change original IL offsets, showing line numbers might work, but it will provide some information that was actually obfuscated, question is it recoverable or not.
What I suggest is to add rich logging if you are very concerned about deobfuscation.
Autres conseils
No, shipping PDB files does not make obfuscation useless. Note however that PDB files can contain names of local variables so that is another piece of information which a disassembler like Reflector can use. PDB files can also contain full paths of the source code files, however, this rarely does any harm in terms of revealing sensitive information.
Some obfuscators like Crypto Obfuscator support PDB file generation - after obfuscation, it outputs new PDB files which are in sync with the obfuscated assemblies so that your stack traces remain correct. Further, the PDB files contain obfuscated names of the source code files mentioned above. It also strips all local variable names from the PDB files.
DISCLAIMER: I work for LogicNP Software, the developer of Crypto Obfuscator.
