C# protecting application from code injection

Question

I just found out that even though I obfuscate my application it can still be cracked using code injection. This pretty much makes C# completely useless for me. Is there really no way to protect or make the process very difficult to do? Do 'crackers' have to know any class names etc. to do this? Thanks!

UPDATE: I'm trying to protect a binary (exe) not code.

Answer 1

Are you sure your code is worth the trouble for someone to do that? Very very few applications are.

Answer 2

If you're worried about protected industry secrets, it's impossible to send a computer the right instructions, but expect those instructions cannot be read by a capable person. If your goal is to stop somebody from modifying your EXE, why not simply sign your executable?

http://blogs.msdn.com/b/shawnfa/archive/2007/01/10/combining-strong-names-with-authenticode.aspx

Answer 3

Any of the .NET languages, and Java can be de-compiled. This includes .Exe and .dll files. What you will need to do is get an tool that obfuscates the code.

I've listed one below for you so you can get an idea: http://www.red-gate.com/products/dotnet-development/smartassembly/

Answer 4

I've read somewhere on here from several users that whatever the code is written in, it can be decompiled. Think of it like this, how else would the system know how to run the code? It is the same concept.

Usually though, most developers(that I know of) don't worry so much about this. Of course, this is a good reason not to have any sensitive details within your code but rather somewhere else.