LogoLogo
  • Welcome to Cyphor
  • .NET Code Obfuscation
    • Getting Started
    • How to Obfuscate
    • Basic Code Obfuscation
      • Symbol Renaming
      • Body Mutation
      • Control Flow
      • Constant Encryption
      • Call Hiding
      • Debug Protection
      • Integrity Checks
      • Self Healing
    • Advanced Obfuscation
      • Attribute-Based Obfuscation
      • Guide to obfuscation
      • Code Inlining
      • What is RASP?
      • Protections that protect each other
      • Program not working after obfuscation
      • Keeping performance with obfuscation
      • Virtualization
  • Dashboard
    • Files
    • Billing
      • Pay as you go
      • Examples
    • Projects
      • Code Guard Tasks
      • Permissions
        • Roles
      • Files
      • SAML and SSO
  • Code Guard
    • Introduction
    • Implement with your licensing system
      • Setting up a gateway
      • Setting up the SDK
    • Secured values
      • Dynamic values
      • Code Encryption
        • Page 1
    • Preventing analysis
    • Enhanced visibility
      • Disabling tracing on production
      • Logging external methods
      • Optimizing Memory Usage
    • Edge connectivity
    • Preventing modifications
      • Preventing assembly load
      • Allowing partial tampering
      • Enterprise EDRs and XDRs
      • Dynamic Hook protection
      • Thread hijacking
      • Guard Checksums
      • DLL Injection
      • Handling complex RE attacks
        • Custom payload detection
    • Granular Integrity Checks
    • Virtualized Environments
    • Troubleshooting
    • Threat database
    • Real time alerts
      • Alert Insights
  • CLI Tool
    • Introduction
    • Global options
    • Profiles
    • Projects
    • Obfuscator
      • Obfuscation Schemes
      • Task templates
      • Protecting files
        • Global obfuscation flags
        • Using templates to obfuscate files
        • Quick obfuscation
      • Monitoring obfuscation jobs
    • Securing local storage
Powered by GitBook
On this page
  • Example
  • Mitigation

Was this helpful?

  1. Code Guard
  2. Preventing modifications

Handling complex RE attacks

When it comes to software security, attackers often look for the weakest entry point. In some cases, they may not target the application itself, but rather the dependencies that the software relies on. This attack vector is becoming increasingly prevalent as more and more applications rely on external libraries or components. The weak entry point in this scenario is the lack of protection in the dependencies, as these can be exploited to gain access to the application's inner workings or to bypass its licensing restrictions.

This type of attack can render obfuscation and other licensing procedures irrelevant.

Example

Consider a software program that requires a user to log in through an HTTPS authentication flow. The attacker, who wants to bypass the software licensing checks, observes the flow and knows the responses that the program expects from the server to authenticate. However, the attacker is unable to modify the original application or intercept the connection to the server.

In this scenario, the attacker could target the underlying library that receives the responses from the server and tamper with the library instead of the main program.

The attacker would then be able to fool the program into believing it received a valid authentication response, even if it wasn't actually sent by the server. This would allow the attacker to bypass the authentication flow and gain access to the software without having to provide a valid username and password.

Mitigation

PreviousDLL InjectionNextCustom payload detection

Last updated 1 year ago

Was this helpful?