LogoLogo
  • Welcome to Cyphor
  • .NET Code Obfuscation
    • Getting Started
    • How to Obfuscate
    • Basic Code Obfuscation
      • Symbol Renaming
      • Body Mutation
      • Control Flow
      • Constant Encryption
      • Call Hiding
      • Debug Protection
      • Integrity Checks
      • Self Healing
    • Advanced Obfuscation
      • Attribute-Based Obfuscation
      • Guide to obfuscation
      • Code Inlining
      • What is RASP?
      • Protections that protect each other
      • Program not working after obfuscation
      • Keeping performance with obfuscation
      • Virtualization
  • Dashboard
    • Files
    • Billing
      • Pay as you go
      • Examples
    • Projects
      • Code Guard Tasks
      • Permissions
        • Roles
      • Files
      • SAML and SSO
  • Code Guard
    • Introduction
    • Implement with your licensing system
      • Setting up a gateway
      • Setting up the SDK
    • Secured values
      • Dynamic values
      • Code Encryption
        • Page 1
    • Preventing analysis
    • Enhanced visibility
      • Disabling tracing on production
      • Logging external methods
      • Optimizing Memory Usage
    • Edge connectivity
    • Preventing modifications
      • Preventing assembly load
      • Allowing partial tampering
      • Enterprise EDRs and XDRs
      • Dynamic Hook protection
      • Thread hijacking
      • Guard Checksums
      • DLL Injection
      • Handling complex RE attacks
        • Custom payload detection
    • Granular Integrity Checks
    • Virtualized Environments
    • Troubleshooting
    • Threat database
    • Real time alerts
      • Alert Insights
  • CLI Tool
    • Introduction
    • Global options
    • Profiles
    • Projects
    • Obfuscator
      • Obfuscation Schemes
      • Task templates
      • Protecting files
        • Global obfuscation flags
        • Using templates to obfuscate files
        • Quick obfuscation
      • Monitoring obfuscation jobs
    • Securing local storage
Powered by GitBook
On this page
  • Performance: Medium Potency: High Resilience: High
  • Understanding the protection
  • Tuning the protection for best performance
  • Mangling Complexity
  • Expression Density
  • Opaque Density
  • Enhanced Mode

Was this helpful?

  1. .NET Code Obfuscation
  2. Basic Code Obfuscation

Control Flow

PreviousBody MutationNextConstant Encryption

Last updated 2 years ago

Was this helpful?

Performance: Medium Potency: High Resilience: High

Understanding the protection

Control flow obfuscation is a technique used to make the control flow of a program difficult to understand and reverse engineer.

This is achieved by transforming the original code in such a way that the control flow becomes harder to follow, while preserving the functionality of the program.

There are several reasons why control flow obfuscation is a good idea for C# or .NET applications. First, it can help protect the intellectual property of the code, making it more difficult for others to understand and potentially steal. Second, it can make it harder for attackers to reverse engineer the code and find vulnerabilities to exploit. Third, it can make it more difficult for malicious actors to create functional copies of the application.

Before Obfuscation:

        public static void Main(string[] args) {
          int i, sum = 0, n;
          Console.Write("Enter the Nth Number : ");
          n = int.Parse(Console.ReadLine());
          for (i = 0; i <= n; i++) {
            sum = sum + i;
          }
          Console.WriteLine("\nSum of N Numbers : " + sum);
          Console.ReadLine();
        }

After Obfuscation:

		public void InterfaceMethod(float b)
		{
			int num = -1961952481;
			int num2 = -1574439195;
			int num3 = 553806077;
			int num4 = 1668559803;
			for (;;)
			{
				if (~(((-87 / num4 & (int)-3.0786116f) ^ (int)5.293522f) < ((num4 + -95 | num4) & (int)8.033648f)) & (~(8.9628105f + (float)num4 + (float)num4 - (float)num4 < (float)(16 % num4 & num4 & (int)6.241485f)) & ~((num4 - num4 ^ num4) - (int)9.832379f < (64 * num4 + 61 ^ 86))))
				{
					Console.WriteLine("\nSum of N Numbers : " + sum);
					num4 = (int)((-11.802868f - (float)num4) % (float)num / (float)37 + (float)767841124);
				}
				else
				{
					if (-1460763283 == num4)
					{
						break;
					}
					if (~((num4 / (int)-8.1555f ^ num4 ^ -83) > (num4 - -11 & -10) - 28) | (~((num4 - 36 | (int)-4.076834f) * 29 > (num4 / (int)-4.492111f * 73 ^ num4)) | ((12.411447f ^ (float)num4) | (float)num4) - 11.7112875f > (float)((96 + num4 ^ (int)-7.2460685f) * 16)))
					{
						num4 = ((50 % num3 ^ -24) >> num4) + 1792755332;
					}
					else if (~((-97 | num4 | num4) + -15 < ((58 / num4 ^ num4) | num4)) | (~((-26 << num4) - num4 + (int)7.8907924f < (int)((-12.561203f % (float)num4 | (float)32) * (float)45)) & (num4 - (int)-8.214035f + num4 & -84) == (num4 % num4 + num4 | num4)))
					{
						num4 = (int)((5.822695f % (float)num ^ (float)92) - (float)num2 + (float)113675818);
					}
				}
				if (1474886602 == num4)
				{
					return;
				}
			}
		}

Tuning the protection for best performance

By default, the Control Flow Obfuscation that we provide has little to no impact on performance, the reason is, the challenges and arithmetic's added on the default settings are easily solved by the JIT Compiler. These settings, however, also reduce the complexity of obfuscation.

If you want to trade performance for security, you can do so by using the parameters present in the protection.

Mangling Complexity

Using a number higher than 3 can worsen the performance exponentially. If you want to safeguard your code to the maximum, check Virtualization.

Expression Density

Opaque Density

Enhanced Mode

The enhanced mode enables a set of techniques that obscure the pathing of the obfuscated app. This is done by adding a new layer of encryption that protects the opaques and expressions present in the application.

Mangling complexity measures how many times, the pathing of your application is obscured. This means that the control flow of your application is obfuscated multiple times, ensuring the most against automatic tools (deobfuscators).

Expression density sets how complex the generated arithmetic expressions are. You can change this setting if you want to enhance the of the method and generate an uglier code when your application is decompiled.

Expression density sets how complex the logical expressions are. You can change this setting if you want to enhance the and of the method and generate an uglier code when your application is decompiled.

⏩
🔐
🧠
resilience
potency
potency
resilience