Click here to Skip to main content
15,941,973 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
How to identify obfuscated code
Posted

The whole idea of obfuscation is to make it hard to read - so if you can't read the code when you reverse engineer it, it is probably obfuscated.

Or you aren't very good at reading reverse engineered code. Could be both. :laugh:
 
Share this answer
 
Open the EXE or DLL file in Reflector or similar products and look inside the assembly.

If you see the following then it will probably be obfuscated:
- private/internal names (gray names in reflector) with non English/readable characters
- class names with non English/readable characters
 
Share this answer
 
Comments
sp1786 29-Jun-12 4:35am    
Hi mehdi,

yes the decompiled code does have classes with naming convention like $UnnamedClass$0xf8d8d908$09$.cs

does this mean code is obfuscated ?
Mehdi Gholam 29-Jun-12 4:45am    
These could be anonymous classes, if the source is decompiled to cs files then it probably is not obfuscated (not by a good obfuscator at least) as they don't allow decompilation.
sp1786 29-Jun-12 5:27am    
Dear Mehdi,

The decompiled code is without main method in all the available classes. I see structures and interfaces only
eg:
internal struct Struct23
{
}

or

public struct finaldata
{
}

How to study this code?? How can i get main method?
Mehdi Gholam 29-Jun-12 5:34am    
If it is a DLL then it won't have a main method.
sp1786 29-Jun-12 5:35am    
its an exe.the decompiled code is without main method. I wanted the same. how can i get it?

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900