Reflector:这段代码中的注释是否意味着整个事情都被混淆了?

发布于 2024-08-23 07:25:55 字数 1952 浏览 7 评论 0原文

因此,在下面的代码中,您会注意到注释“//此项目已混淆,无法翻译。”

我想知道的是,这是否意味着注释代替了一些混淆的代码,而接下来的内容实际上并未混淆,或者是否意味着“以下代码已混淆”?

从我在网上找到的信息来看,这听起来像前者,但我不确定。这段代码显然看起来很混乱,但它并不是无法翻译,只是很搞笑。

public static NameValueCollection ParseStringIntoNameValueCollection(string responseString, bool undoCallbackEscapes)
{
    // This item is obfuscated and can not be translated.
    NameValueCollection values;
    string[] strArray;
    int num;
    string str2;
    string str3;
    int num3;
    goto Label_0027;
Label_0002:
switch (num3)
{
    case 0:
        if (!undoCallbackEscapes)
        {
            goto Label_0057;
        }
        num3 = 4;
        goto Label_0002;

    case 1:
        goto Label_00E5;

    case 2:
        if (num < strArray.Length)
        {
            string str = strArray[num];
            int index = str.IndexOf('=');
            str2 = str.Substring(0, index);
            str3 = str.Substring(index + 1);
            num3 = 0;
        }
        else
        {
            num3 = 6;
        }
        goto Label_0002;

    case 3:
        if (7 < (7 - 5))
        {
            goto Label_0071;
        }
        goto Label_00E5;

    case 4:
        str2 = unEscapeCallbacks(str2);
        str3 = unEscapeCallbacks(str3);
        num3 = 5;
        goto Label_0002;

    case 5:
        goto Label_0057;

    case 6:
        return values;
}
Label_0027:
    values = new NameValueCollection();
    strArray = responseString.Split(new char[] { '&' }, StringSplitOptions.RemoveEmptyEntries);
    num = 0;
    num3 = 1;
    goto Label_0002;
Label_0057:
    values.Add(str2, str3);
    num++;
    num3 = 3;
    goto Label_0002;
Label_00E5:
    num3 = 2;
    goto Label_0002;
}

更新:我确实发现了这个......“有时,当Reflector为您反汇编源代码时,它会显示“此项目已混淆,无法翻译”而不是代码,但不是太频繁。 ”

对我来说,这意味着它用注释掩盖了混淆的代码。任何人都可以验证这一点吗?我确实查看了 IL,它似乎显示了所有内容,所以也许该声明不准确。

对我来说,这段代码看起来像是由一个具有 BASIC 知识的 5 岁孩子混淆的,而不是由一些混淆软件混淆的。

So in the code below you'll notice the comment "// This item is obfuscated and can not be translated."

What I'm wondering is does that mean that the comment is there in place of some obfuscated code and what follows is not actually obfuscated or does it mean "the following code is obfuscated"?

From what I can find on the web it sounds like the former but I'm not sure. The code clearly looks obfuscated but it's not untranslatable, just hilarious.

public static NameValueCollection ParseStringIntoNameValueCollection(string responseString, bool undoCallbackEscapes)
{
    // This item is obfuscated and can not be translated.
    NameValueCollection values;
    string[] strArray;
    int num;
    string str2;
    string str3;
    int num3;
    goto Label_0027;
Label_0002:
switch (num3)
{
    case 0:
        if (!undoCallbackEscapes)
        {
            goto Label_0057;
        }
        num3 = 4;
        goto Label_0002;

    case 1:
        goto Label_00E5;

    case 2:
        if (num < strArray.Length)
        {
            string str = strArray[num];
            int index = str.IndexOf('=');
            str2 = str.Substring(0, index);
            str3 = str.Substring(index + 1);
            num3 = 0;
        }
        else
        {
            num3 = 6;
        }
        goto Label_0002;

    case 3:
        if (7 < (7 - 5))
        {
            goto Label_0071;
        }
        goto Label_00E5;

    case 4:
        str2 = unEscapeCallbacks(str2);
        str3 = unEscapeCallbacks(str3);
        num3 = 5;
        goto Label_0002;

    case 5:
        goto Label_0057;

    case 6:
        return values;
}
Label_0027:
    values = new NameValueCollection();
    strArray = responseString.Split(new char[] { '&' }, StringSplitOptions.RemoveEmptyEntries);
    num = 0;
    num3 = 1;
    goto Label_0002;
Label_0057:
    values.Add(str2, str3);
    num++;
    num3 = 3;
    goto Label_0002;
Label_00E5:
    num3 = 2;
    goto Label_0002;
}

Update: I did find this... "Sometimes, not too often, when Reflector is disassembling source code for you, it will show "This item is obfuscated and can not be translated" instead of code."

Which to me implies that it's covering up obfuscated code with the comment. Can anyone verify this? I did look at the IL and it seems like it's showing everything so maybe that statement isn't accurate.

To me this code looks like it was obfuscated by a 5 year old with a knowledge of BASIC as opposed to some obfuscation software.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

春庭雪 2024-08-30 07:25:56

从某种意义上来说,它看起来很混乱,它是一个字符串函数,根据 & 符号分割字符串,并通过 switch/case 来确定如何处理它。使用 goto 纯粹是(从表面上看)以一种有点糟糕的方式混淆代码阅读器...

当然,您可以使用 Redgate 的反射器(以前称为 Rutz Loeder 的反射器)加载任何 .NET EXE/DLL )来分析和转储代码,因此无论代码如何“混淆”,混淆并没有真正达到目的,因为代码可以很容易地反编译。

没有真正的方法来保护 .NET EXE/DLL,除非它被加密并使用非托管 C/C++ 代码加载 .NET 运行时、解密 .NET EXE 并将其加载到新托管的应用程序域中...

希望如此帮助,
此致,
汤姆.

It seems to look obfuscated in the sense, that it's a string function that splits up a string based on the ampersand and goes through the switch/case to determine how to handle it. The usage of goto is purely (by the look of it) to confused code readers in a somewhat bad way...

Sure you can load any .NET EXE/DLL using Redgate's reflector (Formerly Rutz Loeder's Reflector) to analyze and dump the code, so no matter how 'obfuscated' it is, obfuscation does not really serve a purpose as the code can be decompiled quite easily.

There is no real way of protecting the .NET EXE/DLL unless it is encrypted and using a unmanaged C/C++ code to load the .NET runtime, decrypt the .NET EXE and load that into a newly hosting appdomain...

Hope this helps,
Best regards,
Tom.

柠檬色的秋千 2024-08-30 07:25:56

无论它多么令人困惑,您应该始终能够反编译为 IL,因此您可以查看它并查看 Reflector 是否实际上向您显示了所有内容。

No matter how obfuscated it is, you should always be able to decompile into IL, so you can look at that and see if reflector is actually showing you everything.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文