Reflector is so useful in the kind of stuff I do with dotnet - I don't know how popular it is out in the community however...do you guys use it?
Another great tool from Lutz is the 'Regulator' which as it's name suggests is all about assisting with RegEx.
Lutz Roeder: another of my heroes.
-
Follow
Oops, something didn't work.
Sign In to be begin to follow this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in. You need to be signed in to Channel 9 to use this feature.Getting "follow" information
Start following this thread
What does this mean?
Following an item on Channel 9 allows you to watch for new content and comments that you are interested in and view them all on your notifications page.Removing your "follow"
Setting up your "follow"
Did you know you can
sign up for email notifications?
-
J2K
Stayin' #
-
Sven Groot
Don't worry... I'm a doctor.
Agreed whole heartedly. I don't know what I'd do without Reflector. Okay, I'd probably use ildasm, but Reflector is better.
But if I'm allowed one tiny nit: this post would be better suited to the Coffeehouse. -
Yggdrasil
Pour me a cab, 'cause I can't drink no more.
J2K wrote:
Reflector is so useful in the kind of stuff I do with dotnet - I don't know how popular it is out in the community however...do you guys use it?
Another great tool from Lutz is the 'Regulator' which as it's name suggests is all about assisting with RegEx.
Lutz Roeder: another of my heroes.
First of all - Regulator isn't by Lutz Roeder - it's by Roy Osherove, who's generally a great guy and my personal agile/TDD guru when I have any questions.
Secondly - Reflector does, indeed, rock the free world. It's come to the point where I fire up Reflector even before looking at the MSDN documentation. It's invaluable in understanding why things happen the way they do. -
staceyw
Before C# there was darkness...
yep. It has been around awhile. Love it, use it.
-
TommyCarlier
Widen your gaze
It's the most awesome developer tool I know and use. I even use it as a replacement for other stuff. Like documentation: I can usually find something faster in Reflector than I can in the Visual Studio documentation. Or I use Reflector on my own compiled code to find relationships between classes and methods.
-
I was quite surprised when I started digging through the framework dlls. They are in no way obfuscated. So you can load them up in Reflector and start digging around in your favorite namespace and see exactly whats under the covers with its disassembler!
-
Whole heartily agree,
I needed to automate some of the functionality of mageui.exe onto a web server; reflector totally helped me out however I can’t help but feel less secure when writing .NET apps as I know every developer can just see all your security mechanisms. But i guess when an app is on a local box security is never really safe.
(windbg rules: you are never safe
) -
figuerres
???
Yeah Reflector is a great tool.
love it.
and security is relative....
and I'd rather have code you *CAN* verify and check
get the trojans and other gunk out -- and be able to scan for back doors etc....
than some "Ball of code" that no human can trace and may hide any kind of malware / keyloger etc.... -
SecretSoftware
Code to live, but Live to code.
I hate it, because it allowed script kiddies to read my human readable code.
I might as well just give them the cs files and the compiler, and let them create zombie like applications that resemble mine and fool my customers or worse, use it to exploit my services.
I had , as many of you know, in the past, been vocal on this issue, and wanted MS to enable us to deliver encrypted MSIL to customers and then CLR would decrypt and run on demand with the JITTER.
I am hopeful they will still implement this in the future. In the mean time I am going to implement my own cutom solution , which is to encrypt the MSIL, and use a C++ loader, that will decrypt the assemblies in memory and then run them.
Crude but what can one do? -
JohnAskew
9 girl in pink sweater
SecretSoftware wrote:I hate it, because it allowed script kiddies to read my human readable code.
I might as well just give them the cs files and the compiler, and let them create zombie like applications that resemble mine and fool my customers or worse, use it to exploit my services.
I had , as many of you know, in the past, been vocal on this issue, and wanted MS to enable us to deliver encrypted MSIL to customers and then CLR would decrypt and run on demand with the JITTER.
I am hopeful they will still implement this in the future. In the mean time I am going to implement my own cutom solution , which is to encrypt the MSIL, and use a C++ loader, that will decrypt the assemblies in memory and then run them.
Crude but what can one do?
Code obfuscators, got 5k?
live.com search results for .NET code obfuscator -
Ion Todirel
buuu
and when will C9 Team go to interview the guy? Rory, Charles?
-
Ion Todirel
buuu
Your so called "issue" you had with this is just wrong. Everything is hackable, it's just a matter of time. OK that doesn't mean that allowing everyone to look at your code is OK. But you could sue them if they stole your code.SecretSoftware wrote:I hate it, because it allowed script kiddies to read my human readable code.
I might as well just give them the cs files and the compiler, and let them create zombie like applications that resemble mine and fool my customers or worse, use it to exploit my services.
I had , as many of you know, in the past, been vocal on this issue, and wanted MS to enable us to deliver encrypted MSIL to customers and then CLR would decrypt and run on demand with the JITTER.
I am hopeful they will still implement this in the future. In the mean time I am going to implement my own cutom solution , which is to encrypt the MSIL, and use a C++ loader, that will decrypt the assemblies in memory and then run them.
Crude but what can one do?
-
footballism
Another Paradigm Shift!
The bunch of new features added into this little lovely tool are really awesome:P
Now you can navigate the methods and classes which are annotated with comments, why we need MSDN documentation now:O
Another great feature is showing the comments for the IL opcode in the tooltip, this feature is really a big time saver, because I ain't need to open documentation or IL spec to find the meaning and usage of a particular opcode.
++ for Lutz, you guy rocks;)
Sheva -
Minh
WOOH! WOOH!
I'd just read the Reflector post on Scott Hanselman's site about plugins. Who knew you could debug a straight-up assembly?
CodeMetrics : Analyses .NET assemblies and shows design quality metrics. Download
Review : Allows editing and managing annotations during code reviews. Download
Diff : This add-in shows differences between two versions of the same assembly. Download
FileDisassembler : This add-in can be used to dump the disassembler output to files for any Reflector supported language.
SQL2005Browser : This add-in allows to browse .NET assemblies stored in SQL Server 2005 databases.
FileGenerator : This add-in can be used to dump the disassembler output to files for any Reflector supported language.
Deblector : This add-in allows to debug processes from within Reflector.
Doubler : A code generator for unit tests, stubs and wrappers.
Graph : This add-in draws assembly dependency graphs and IL graphs. Please read the install instructions here .
DependencyStructureMatrix : Allows you to create and browser dependency structure matrices.
CodeSearch : This add-in allows searching for strings and regular expressions in disassembled code. Download
SequenceViz : This add-in draws sequence diagrams.
PowerShellLanguage : Renders output as Windows PowerShell script.
DelphiLanguage : The Delphi view that is used inside .NET Reflector provided as a language add-in.
CppCliLanguage : This add-in extends Reflector with a C++/CLI language rendering module.
Hawkeye : A tool that allows you to debug the UI tree of Windows Forms applications.
ClassView : Shows class definitions as plain text with color coding.
CodeModelViewer : This add-in shows the underlying code model objects for selected items.
Diff : This add-in shows differences between two versions of the same assembly. Download
ComLoader : Lists COM components for browsing and converts them into managed interop assemblies. Download
TestDriven.net : This Visual Studio add-in can navigate to any code element inside Reflector with a single click.
BizTalkDisassembler : Allows you to list all BizTalk artifacts contained in an assembly and extract them. Download
ComLoader : Lists COM components for browsing and converts them into managed interop assemblies. Download
AutoDiagrammer : This add-in draws class diagrams. -
SecretSoftware wrote:I hate it, because it allowed script kiddies to read my human readable code.
I might as well just give them the cs files and the compiler, and let them create zombie like applications that resemble mine and fool my customers or worse, use it to exploit my services.
I had , as many of you know, in the past, been vocal on this issue, and wanted MS to enable us to deliver encrypted MSIL to customers and then CLR would decrypt and run on demand with the JITTER.
I am hopeful they will still implement this in the future. In the mean time I am going to implement my own cutom solution , which is to encrypt the MSIL, and use a C++ loader, that will decrypt the assemblies in memory and then run them.
Crude but what can one do?
Instead, maybe you should just reading writing secure code by M. Howard - it is a much better use of your time.
One possible flaw with your plan - the assembly will be in memory unencrypted, so why couldn't I just attach a debugger to it to see what is happening and possible 'security weaknesses' in your code? Or maybe reflect on your inmemory appdomain? Or host your application within my own appdomain to gain access to it.
Plus if you have a bad coding standard then I wouldn't even need to view the code as I could do it all via the UI - ie....Web Apps?
Any btw, how do you think intellisense works... -
Massif
aim stupidly high, expect to fail often.
See, now I feel like I've missed something.
I heard about reflector way back when I was allowed to write .NET code (sulking about having to write C++ cross-platform code at the moment.) but never used it. I usually prefer to read english descriptions of what something does than try to understand code.
But now I get the impression I may be wrong about that, ah well... I shall have a look and see. -
DanWygant wrote:
Obfuscation can be bypassed/reversed if you have the time/will. I think there is even tools for it now...
Thread Closed
This thread is kinda stale and has been closed but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.