Languages
Pages
Legal
facebook.com/telerik
@telerik
.NET Assembly Decompilation
One Engine Two Tools
Presenting…Chris Eargle
Telerik EvangelistINETA DirectorC# MVP
AgendaPart 1 - Discussion
What is a Decompiler?LegalityPreventionCommon Scenarios
Part 2 - Products
JustDecompile – StandAlone
DemoJustCode – Visual Studio
DemoBonus
Part 3
Q&A
Removing some misconceptions
What is a Decompiler?
Performs the reverse operation of a compiler
Translates assemblies back into source code
Source code produced is a representation, not the original
Decompiler
Reflection allows you to observe and modify a program’s structure and behavior at runtime
Used to inspect types and members without knowing names at compile time
Allows for instantiation and method invocation without hard-coding names
It is not Reflection
Disassemblers translate machine code to assembly language
In .NET, translating byte code to common intermediate language (CIL) can be considered disassembly
This is one step in the decompilation process
ildasm.exe is an example of a .NET disassembler
It is not Disassembling
Warning: I am not a lawyer
Legality
Most software is covered by copyright laws
Copyright owners have exclusive rights to make copies
Decompilation can be necessary, and it is allowed in the US and Europe with some limitations
If there are any doubts, consult a lawyer in your jurisdiction
Copyright
United States"where disassembly is the only way to gain access to the ideas and functional elements embodied in a copyrighted computer program and where there is legitimate reason for seeking such access, disassembly is a fair use of the copyrighted work, as a matter of law."
-Sega v. Accolade
Covered under the 1991 Software Directive, Article 6• Must have a license to the program• Must be necessary for software interoperability• Must be confined to relevant elements for
interoperability• Information obtained may not be used for other
purposes or shared
Europe
Have a good reason
Check the laws for where you live
Be good
Bottom Line
How to keep your software safe
Prevention
If it was designed to run, the means by which it runs can be obtained
These techniques will only stop the casual reverse-engineer and the curious
Nothing’s 100%
Provide documentation essential for interoperability
Prevent bugs: test thoroughly
These steps will provide legal cover in some jurisdictions
Provide Good Documentation
Makes it difficult to decompile by making output unreadable
Use an obfuscator : bit.ly/obfuscators
Obfuscation
Why people “legitimately” use decompilers
Common Scenarios
This usage is to determine how to make an assembly work with another assembly or hardware
Optimizing for performance
Interoperability
A bug is creating issues, and there’s no fix available from the vendor
Fix or Workaround Bug
Everyone uses version control, right?
A developer left and the source can’t be found
Recover Lost Source Code
The vendor of a necessary system component has gone out of business
No updates coming and they are necessary
Out of Business
You have a project written in VB, and you need the code for a C# library (or vice-versa)
Language Translation
Performed as part of a build step, check-in, or during system migration
This is generally bad
Tools exist for this particular need
Code Standardization
Compilers change your code to IL constructs. In C#, optimization can affect the output
IL Weaving
Discover Effects on Code
Many people are simply curious about how a program works
Curiosity
May the source be with you
JustDecompile
100% guaranteed
Free for everyone
Free forever
Brand new decompilation engine
JustDecompile is Free
C#Visual BasicIL
Language Support
Create and maintain separate lists of assemblies
Useful when working on different projects
Assembly Lists
NavigationStandard
Navigation TreeInformation PanelCode PanelNavigation Buttons
Searching
Find UsagesGo to TypeGo to SymbolFull Text Search
Contains loaded assemblies
Add assemblies via Open button or drag and drop
Drill into assemblies to get references, resources, namespaces, types, and members
Navigation Tree
Below Navigation Tree
Contains information such as the platform architecture and assembly location
Information Panel
Contains decompiled code or resource
Code Panel
JustDecompile maintains navigation history
Easily return to a previous selection; no hunting through tons of assemblies
Navigation Buttons
Quickly find usages of types or members
Use ctrl+leftclick
Menu or ctrl+alt+u
Supports multiple modes of sorting
Find Usages
Quickly find types containing search term
ctrl+alt+t
Go to Type
Quickly find all symbols containing search term
ctrl+alt+s
This search includes types and members
Go to Symbol
Search for any text within an assemblyctrl+f
Full Text Search
Open local or from URL
Silverlight XAP Decompilation
Works with Windows Phone XAP files!
Toggle compiler generated information
Change code panel theme
Settings
Easy access from the main menu
justdecompile.uservoice.com
Feedback
Decompile and output a full assembly in one step
Was one of the highest requested features
Select an assembly and choose Create Project from tools or context menu
Fulfills Lost Source Code scenario
Create Project
DemoUsing JustDecompile
Decompilation within Visual Studio
JustCode
JustCode is a Visual Studio add-in for faster, smarter coding. It works with Visual Studio 2005, 2008, and 2010. It also works in Visual Studio 11 Beta
Supports: C#, VB.NET, JavaScript, CSS, HTML, Razor, XML, XAML
Works with cross-language solutions
What is JustCode?
Overview of JustCodeCode
AnalysisNavigationGenerationFormattingTemplatesCleaning
And More!
UnobtrusiveRuns out-of-processExtensibleUnit Test RunnerRefactorings
The same engine in JustDecompile is in JustCode
Completely integrated decompiling in Visual Studio
Simply navigated to a type contained in an assembly
Decompiler
JustCode enables you to handle the Code Standardization scenario without decompiling
Create solution options and share them. Code style options available for all languages supported by JustCode
Code cleaning should be used as well. This is extensible; you can add your own code cleaning steps
Code Standards
DemoDecompiling with JustCode
Visit telerik.com/justcode
Watch the videos “10 ways JustCode makes Visual Studio better”
Download a 60 day free trial of JustCode
Learn more about JustCode
One Engine Three Tools
Bonus
Optimize .NET application performance and memory
Includes tracing, sampling, and memory profilers in one easy-to-use package
Supports local and running .NET applications, Silverlight and Windows Service applications, and local IIS and ASP.NET web sites
What is JustTrace?
View source command available in performance profiles
Currently only shows code reconstructed from .pdb files
On the roadmap: including the JustDecompile engine
View Source
Visit telerik.com/justtrace
Find instructional videos at tv.telerik.com
Download a 60 day free trial of JustTrace
Learn more about JustTrace
• Download JustDecompile today : telerik.com/justdecompile
• Remember, it’s free for everyone, free forever!
• To make a feature suggestion: justdecompile.uservoice.com
Thank You
Q&A
Top Related