#1
|
|||
|
|||
Obfuscation for ninjascript
Hi everyone
I am a professional in finance, and I specialise in automated trading strategies and I've been doing work outside of my job for clients who want code obfuscation. Mostly for ninjatrader. I have a background in c# but I have little to no experience with obfuscating code. My questions relate to, how best can I obfuscate my code and what tools can be used to bypass said obfuscation? I'm aware of Agile.NET and i've come across virtualization but I do not understand if it can be applied to a compiled dll via ninjatrader. Any help would be appreciated. my understanding is that the code can be deobfuscated, I just don't quite know how to piece it together. Apologies if this post violates the rules. I can take it down if needed |
#2
|
|||
|
|||
There is a tool to remove agile - https://github.com/SychicBoy/AgileDotNetSlayer
(not sure if it takes care if the code is vt-zed) regarding obf - I"d recommend VMP latest ver, its very strong and aggressive stuff and it suports .net + VT |
#3
|
|||
|
|||
Quote:
I've tried SMD for agile and it says it managed to decrypt x number of methods but going into dnspy showed nothing changed, file size was 1kb larger Am I correct in saying that if an agile deobfuscator works, de4dot would then be used to de-virtualise? |
#4
|
|||
|
|||
No, de4dot is deprecated/archived
https://github.com/de4dot/de4dot and not updated for 5 years already... it was never able to devirt agile.net prot |
#5
|
|||
|
|||
I am mistaken then, I was reading that regardless of the depreciation it would work. Silly to think that in hindsight
How would someone go about devitalisation then? |
#6
|
|||
|
|||
the only guy I know that is do it (on commercial basis) is the author of slayer apps - SychicBoy
|
#7
|
|||
|
|||
Quote:
I am trying to deobfuscate a current dll and I wanted to ask how everything fits in 1. is SMD for agile a decrpyter or a deobfuscator, i assume decrypter explicitly. 2. if my dll was decrypted, I would then need to deobfuscate first or devirutalize? how does demutilating come into it or is it even a thing in my case? I appreciate your patience |
#8
|
|||
|
|||
Agile Slayer tool will tell you about options applied:
1) for code encryption: "CODE ENCRYPTION HAS BEEN DETECTED, INCOMPLETE DEOBFUSCATION OF THE ASSEMBLY MAY RESULT." 2) for code virtualization: "CODE VIRTUALIZATION HAS BEEN DETECTED, INCOMPLETE DEOBFUSCATION OF THE ASSEMBLY MAY RESULT." |
The Following User Says Thank You to sendersu For This Useful Post: | ||
niculaita (10-23-2024) |
Tags |
agile, ninjascript, obfuscation, virtualization |
Thread Tools | |
Display Modes | |
|
|