CODEWITHSUNDEEP
c#.netnetwork-programmingproxy
T.Worm
T.Worm

Reputation: 432

How to disable the default proxy in c# programmatically?

In a .net program, if we want to stop Web Debugging Proxy from capturing the requests from the program via setting the IE/Edge proxy port to itself, we can use App.config to set the default proxy to false. By this way we can protect the mechanism inside to some extent. However, the config is naked outside that the user can change it easily if the user wanted to hack the program have basic knowledge of CS. So, is there anyway to make it inside the code so that the hacker will have to decompile to hack?

Upvotes: 2

Views: 3049

Answers (2)

mbshambharkar
mbshambharkar

Reputation: 394

As Gabriel mentioned , Simply don't specify Proxy settings as hardcoded one. Find a way to serialize your data in unknown format if security is required.

So, is there anyway to make it inside the code so that the hacker will have to decompile to hack

You can easily see source of DLL by using ildasm.exe unless some additional steps are taken . Please have a look- How can I protect my .NET assemblies from decompilation?.

If you are using: WebRequest class Have look at WebRequest.DefaultWebProxy Property , setting it to null it would not take any proxy. https://learn.microsoft.com/en-us/dotnet/api/system.net.webrequest.defaultwebproxy?view=netframework-4.7.2#System_Net_WebRequest_DefaultWebProxy

If planning to use HttpClient class - you may need to pass custom handler ,WebRequestHandler should do the job by setting UseProxy to false .https://learn.microsoft.com/en-us/dotnet/api/system.net.http.webrequesthandler?view=netframework-4.7.2

Update: Adding note as not able to comment: Even HTTPS traffic can be decrypted easily in case of proxy server.

Upvotes: 0

Gabriel Luci
Gabriel Luci

Reputation: 41008

Don't. For a couple reasons (at least):

  • In some networks, sometimes the only way to reach the internet is through a proxy. If you hardcode your program to not use a proxy, then you will break it.
  • There is no way to stop people from seeing the traffic. I can use Wireshark to see everything that a proxy could see.

Instead, just encrypt your traffic (if you're using a web service, use HTTPS). Then even if it goes through a proxy or a network sniffer, it's not readable anyway.

Upvotes: -1

Related Questions