Our product assemblies are encrypted by EZIRIZ’s .Net Reactor (http://www.eziriz.com/), and normally the ILDASM cannot open it due to the SuppressIldasmAttribute added to the assembly, so we usually choose to use ILSpy, since it ignores that and still convenient
. But today, one of the product assembly seems to have some problem after encryption, though from windbg we can still check whatever we want, I still prefer to open it with a disassembly tool to make it easy. But this time, ILSpy fails and shows some exception when trying to display codes of functions
Since it is just the SuppressIldasmAttribute prevents ILDASM from opening the assembly, we can simply find a HEX editor, search the “SuppressIldasmAttribute” string, and zero them, then ILDasm can continue. So, the traditional robust tool can still help usand it seems that it is kind of more robust than some new tools.
No comments:
Post a Comment