#1

INTRODUCTION : WHY IT IS IMPORTANT TO PROTECT YOUR .NET CODE

To cheat in a video game it is possible to alter the data directly from the memory. This is how "injection" cheats work. Below is a very simple diagram showing you the - simplified - procedure of how it works.

We were approached by an independent developer who managed a software coded in C#. This software made it possible to avoid certain users from abusing the Minecraft video games. The most important functionality of this software was very simple: it involved scanning the memory, creating a report with the content of the memory, then passing this data on a remote server. The server analyzed the report and returned a "Good" message if the report contained nothing suspicious, and returned a "Bad" message otherwise. The game is launched correctly if and only if the anticheat software receives a "Good" message from the server. You can see in a simplified way how its software comes into play between the user and the video game with that diagram bellow.

The problem is that it is actually very easy to modify the software so that it thinks it receives the "Good" message every time it communicates with the server. In fact as on the diagram below you can note that there are three simple things to do: prevent outgoing communication with the server, prevent creation of reports by memory scan, and prevent the server from influencing the program. In this way, anyone can continue to cheat as they see fit, which completely affects the operation of the anticheat and reduces the quality of play on Minecraft servers. Any software written with the .NET framework can be opened in a decompiler, like dnSpy (https://github.com/0xd4d/dnSpy/), and its source code can be modified very easily.

#2

SOLUTION : NETGUARD.IO AS A PROTECTION AGAINST CRACKING AND REVERSE ENGINEERING

The first thing we did to protect this anticheat software was to strengthen the connection between the server and the client on the computer. Previously one could work without the other, while now it is necessary to obtain a unique "pin" specific to each client in order to start the video game. Also, the unique "pin" serves as an encryption key between the server and the client. The client has been obfuscated so that its content cannot be seen in a decompiler. Also, integrity checks are carried out by the server, and the game can no longer be launched without the approval of the anticheat.

  • The Anticheat had antidebug protection enabled, preventing any debugger and reverse engineering tool from running.
  • With our Constants Protection and MSIL Encryption Protection the file couldn't be decompiled properly anymore.
  • Integrity checks carried out by the server communicates with the integrty checks from within the file.

On the server we needed a simple way to retrieve the tokens used and validate them before sending anything back to the client. This is why we also offered, in addition to our obfuscation services, a real admin panel coded from A to Z by us. You can see this panel below. What should be noted is that each unique 'pin' is linked to a user, and therefore an IP address. In this way it is very simple to prohibit remotely the use of this software for malicious users: it is enough to note their IP address in the space reserved for that in the admin panel so that they can do nothing more at all.

THANKS TO NETGUARD.IO YOUR SOFTWARE IS ABLE TO



  1. Prevent automated hacking attemps and detect misuse
  2. Prevent breaches of piracy and licensing, ensuring users are unable to circumvent the limitations on their account
  3. Keep IP and patented algorithms secure from rivals and attackers who attempt to steal and leak them
  4. Control who has access to your application, when, and prevent the use of malicious tools
  5. Report users with inappropriate behavior who will no longer have access to your software

Membership Plans

Basic Plan

One time fee for one listing or task highlighted in search results.

$5 for 2 tokens
$50/ monthly
Features of Basic Plan
  • Access to all premium features
  • Premium 24/7 support
  • 1 security audit for all your projects
Buy Now

Extended Plan

One time fee for one listing or task highlighted in search results.

$49 for 40 tokens
$550 for 1 year
Features of Extended Plan
  • All Standard Plan features
  • Access to Beta features
  • RESTful API access from your program
Buy Now

We have a free plan with limited obfuscation engines that you automatically get upon registration ! Don't hesitate to test our service !