Does ConfuserEx cause any breaking changes to an application on specific versions of Windows 7 or above (32- or 64-bit), or are anti-virus false positives the only thing to worry about?

[glasgowrob]

This is a followup to my my question "What's the strongest protection settings without triggering anti-virus false positives?" ( #64 )

Does anyone know of examples of certain protection settings that cause mkaring's ConfuserEx to create breaking changes to an application on a specific versions of Windows 7 or above (32- or 64-bit) or on a machine where the user configured Windows in a certain unusual way, or are anti-virus false positives the only thing to worry about regarding issues that may occur on some users' machines but not others?

[Gwindalmir]

It depends on how the application is used.
I haven't encountered Windows 7 specific problems, just general issues.
Mostly centered around debugging, and reflection use.

Where I work, we have an application that cannot handle "-anti tamper" at all. It just crashes due to what the application is.
In addition, for the same reason we can't use the irreversible "rename" feature either. I have to use instead "+rename(mode=decodable)"

Any public members that might be shared with other assemblies, you can't use rename on at all, for obvious reasons.

[glasgowrob]

Thanks @Gwindalmir for your sharing your experiences and thoughts regarding this very important topic.

I am sorry that you can't use anti-tamper and irreversible renaming, although as I understand it "decodable" renaming is really only reversible by the person who has the symbols.map file so at least your renaming should protect your code greatly.

My biggest concern is that I am using some protection settings that make my app no longer a simple cross-platform (Windows only, but Win 7, 8, and 10, and both 32- and 64-bit) application that is purely 100% C# that PEVerifies like a simple .NET application usually does. I've been developing pure, simple .NET applications that PEVerify for a long time and really appreciate the feature of .NET applications that they generally work on any Windows machine that is new enough and has the necessary .NET Framework. Using mkaring's ConfuserEx with the max protections per his recommendations cause my application to no longer PEVerify, and I have no real experience with what kind of issues this creates on different editions and configurations of Windows. I will do my best to test on different versions of Windows and with different configurations of Windows, but still, it would be great to know up front if there are any known issues of this kind.

I'm going to leave this issue open for another week or so in the hopes that more people share their thoughts and experiences on this.

@mkaring, any thoughts on this?

Thanks again for your help,

glasgowrob

[mkaring]

The application will work on different versions of windows without any issue. It uses some native functions of windows, but these functions are present in the Kernel of Windows at the very least since Windows XP, likely ealier when following the Windows NT line. I can't tell you if it works on Windows ME and 98. 😉

The renaming with the decodable option offers basically the same security as the normal version, except you can see all the letters used for the names except random unicode stuff. But it still can't be reversed without the map-file.

The compatibility problem starts getting real once you are trying to obfuscate an application that should run on anything but Windows. So an assembly that should run on Linux using Mono or .NET Core severely limits what protections you can use.

So all in all: There won't be any differences between the different versions of "recent" Windows Versions (since XP) that are introduced by ConfuserEx into your application.

[Gwindalmir]

I don't use MSIL generation, so I have no experience with PEVerify.

However to @mkaring's comment, I do have a .NET standard assembly that is compatible with Linux (dotnet sdk), and it works fine in my testing with the obfuscation settings I use.

I've never used PEVerify, so I have no comment on whether my assembly passes or not.

[glasgowrob]

Thank you very much, @mkaring, for the detailed answer. I now feel greatly relieved about the full compatibility of ConfuserEx across recent Windows versions. I have little experience with Windows programming other than pure .NET programming, but the way you described the kernel thing makes perfect sense and is great news for all .NET developers who want to use your version of ConfuserEx.

Thanks also to @Gwindalmir for sharing your experiences with ConfuserEx obfuscation in a cross platform environment. The fact that ConfuserEx works in any cross platform application is really impressive in itself.

I am closing this issue now. Thanks again, guys.

[LaraSQP]

The application will work on different versions of windows without any issue. It uses some native functions of windows, but these functions are present in the Kernel of Windows at the very least since Windows XP, likely ealier when following the Windows NT line. I can't tell you if it works on Windows ME and 98.

The renaming with the decodable option offers basically the same security as the normal version, except you can see all the letters used for the names except random unicode stuff. But it still can't be reversed without the map-file.

The compatibility problem starts getting real once you are trying to obfuscate an application that should run on anything but Windows. So an assembly that should run on Linux using Mono or .NET Core severely limits what protections you can use.

So all in all: There won't be any differences between the different versions of "recent" Windows Versions (since XP) that are introduced by ConfuserEx into your application.

Have been hit with this compatibility issue in Linux.

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.