Reputation: 603
I have an ASP.NET Core 1.0.1 project in which I need some strings hidden. The strings are private static fields. Obfuscar 2.2.3 is meant to hide strings by default, but it doesn't. I also tried this config with explicit values:
<Var name="HideStrings" value="true" />
<ForceStringHiding type="MyNamespase" />
But strings are still visible via dotPeek.
Maybe I misunderstood something? How can I get my strings hidden?
Upvotes: 1
Views: 1077
Reputation: 16805
You can't "reliably hide" anything "inside app/library" while your app needs to be able to "decrypt" it to the original.
Any "secret algorithm" you invent is useless because all that is needed to "decrypt" it is contained inside the app (otherwise your app itself would not be able to "decrypt" it), so any bad guy who has access to your app exe/dll can "repeat" these steps and "decrypt" the hidden value.
If you "trust" the server/machine where your app is running and want to "hide" some string only from persons who can "copy" your app from some intermediate source (e.g., download your zip distrib from a github repo), then you should use the UserSecrets library or similar.
If you do not "trust" the server where your app is running - you should change server/provider.
Upvotes: 3
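The approach the answer recommends, as an added example that is not part of the original posts: the value is read from configuration at startup instead of being compiled into the assembly as a static field. The ID `example-app-secrets-id`, the key name `PaymentApiKey` and the class names are made up for illustration; it assumes the `Microsoft.Extensions.Configuration.UserSecrets` and `Microsoft.Extensions.Configuration.EnvironmentVariables` packages are referenced.

```csharp
using System;
using Microsoft.Extensions.Configuration;

public static class SecretSettings
{
    // Constructed ID: must match the ID the secret was stored under on this machine.
    private const string UserSecretsId = "example-app-secrets-id";

    // Hypothetical key name. Only the name ships in the DLL, never the value.
    private const string ApiKeyName = "PaymentApiKey";

    // Before: private static string ApiKey = "<literal value>";
    // A literal like this is embedded in the assembly and can be read back from it.

    public static IConfigurationRoot Build(bool isDevelopment)
    {
        var builder = new ConfigurationBuilder();
        if (isDevelopment)
        {
            // Reads secrets.json from the current user's profile, outside the
            // project folder, so it is not part of the repository or the zip.
            builder.AddUserSecrets(UserSecretsId);
        }
        // On the trusted server the value comes from the process environment.
        builder.AddEnvironmentVariables();
        return builder.Build();
    }

    public static string GetApiKey(IConfiguration config)
    {
        var value = config[ApiKeyName];
        if (string.IsNullOrEmpty(value))
        {
            // Fail fast rather than fall back to a compiled-in default.
            throw new InvalidOperationException(
                "Missing configuration value '" + ApiKeyName + "'.");
        }
        return value;
    }
}

public static class Program
{
    public static void Main()
    {
        var config = SecretSettings.Build(isDevelopment: true);
        string key = SecretSettings.GetApiKey(config);
        Console.WriteLine("API key loaded (" + key.Length + " characters).");
    }
}
```

User Secrets stores the values unencrypted in the user profile and is meant for development machines. It keeps the secret out of the distributed files, which is the case the answer describes, and does nothing against someone who already controls the machine.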