How to use obfuscator in Unity3D environment?

 


Obfuscation (. Lat obfuscare, «obscure, darken") - is the process of obfuscation program code, that is, to bring the source code or executable code to the form, retain the functional program, but complicates the analysis and understanding of algorithms and modifications during decompilation.


Obfuscation involves usually rename class names, methods, properties and fields in a set of meaningless names, making it difficult to study the logic of the program.

 

But to save the code functionality - not all the names, you can rename, especially the Unity environment, this in DevXObfuscator obfuscator automatic create rules, exceptions for some names:

 

  1. Of the renaming process excluded class names inherited from the unity MonoBehaviour and ScriptableObject

    reason: In Unity classes inherited by MonoBehaviour or ScriptableObject used in the scene for GameObject objects, and made a bunch of class name, so changing the name of the class - Unity will not be able to associate a link in GameObject with real class in the assembly (dll).


    example:
    // for obfuscator - Dont rename ‘GameObjectScript’
    public class GameObjectScript : MonoBehaviour
    {
    }

  2. Out renaming process excluded names of the following functions (for classes inherited from MonoBehaviour)

    Create, Update, LateUpdate, FixedUpdate, Awake, Start, Reset, OnMouseEnter, OnMouseOver, OnMouseExit, OnMouseDown, OnMouseUp, OnMouseDrag, OnTriggerEnter, OnTriggerExit, OnTriggerStay, OnCollisionEnter, OnCollisionExit, OnCollisionStay, OnControllerColliderHit, OnJointBreak, OnParticleCollision, OnBecameVisible, OnBecameInvisible, OnLevelWasLoaded, OnEnable, OnDisable, OnPreCull, OnPreRender, OnPostRender, OnRenderObject, OnWillRenderObject, OnGUI, OnRenderImage, OnDrawGizmosSelected, OnDrawGizmos, OnApplicationPause, OnApplicationQuit и некоторые другие..


    reason: Unity in the process calls certain class methods whose names are reserved for certain actions, for example Update is called when updating each scene and if we rename it, Unity will not find by name this method and the function will not be called.

    example:
    // for obfuscator - Dont rename ‘GameObjectScript’
    public class GameObjectScript1 : MonoBehaviour
    {
        // for obfuscator - Dont rename
        // Use this for initialization
        void Start ()
        {  
        }

        // for obfuscator - Dont rename
        // Update is called once per frame
        void Update ()
        {
        }
    }
       



  3. Because the renaming process excluded the names public "public" classes, methods, properties, fields.


    reason: carried out by name, so for example, if you rename a field in the class that Unity does not find it, it will cause an error in the game scene for objects GameObject can use the fields and methods of classes, but a bunch.  

    example:
    // for obfuscator - Dont rename ‘GameObjectScript’
    public class GameObjectScript : MonoBehaviour
    {
       // for obfuscator - Dont rename
       public string field_for_scene;

       // for obfuscator - Dont rename
       public bool flag_for_scene;


       // for obfuscator - allow rename
       internal string name_for_only_scripts_access;
       // for obfuscator - allow rename
       private bool flag_for_only_class_access;

       // for obfuscator - allow rename
       protected int count_for_only_class_access;
    }


  4. Because of the renaming process excluded the names of serialized classes of their properties and fields.


    Reason: In the process of serialization classes used the names of their fields and properties, so if you rename a class, the serialization may fail.  

    Example:
      // for obfuscator - Dont rename class and contents
       [System.Serializable]
       class TestObject
       {
           string name;
           int count;
       }


 

Recommendation:

 

It to obtain is recommended to follow the following rules the maximum effect of the obfuscation process:

  1. Use the "public" modifier only where it is really needed, in other cases, replace with:

    1. "internal"- The type or member can be accessed by any code in the same assembly, but not from another assembly.

    2. "protected"- The type or member can be accessed only by code in the same class or struct, or in a class that is derived from that class.

    3. "private"- The type or member can be accessed only by code in the same class or struct.

  2. Game logic better display of the classes inherited from MonoBehaviour in some internal classes without modifying public and serialization flag, so it is much more difficult to link the logic of the objects in the scene.

  3. Logic verification of license keys and other security verification mechanisms - it is better to split into many separate pieces and spread these parts of the code. This will complicate the logic analysis. It is also recommended to add to the very logic of the additional code that actually does not affect the result but complicates the analysis because of the excessive amount of regulations.

  4. To protect string data - to which access is not desired (especially those that are used to verify keys) is recommended to use an appropriate obfuscator flag (encrypt lines)

  5. to protect the viewing and modification of data stored using PlayerPrefs recommended to use the corresponding flag obfuscator (Protect data used via PlayerPrefs ) that will provide both concealing the real name and data protection themselves

  6. In order to protect from getting temporary variables and modification through the memory (debuggers) Recommended to use a protected variable storage classes (included in the delivery obfuscator DevXObfuscatorPro)   

    1. ProtectedFloat - for storage in memory float variable encrypted

    2. ProtectedInt - for storage in the int variable memory in encrypted form

    3. ProtectedString - for storage in the memory of a string variable is encrypted

  7. If the project resources are used (/ resources /) whose content you want to protect from exports, it is recommended to use the resources of the encryption mechanism obfuscator

    1. encryption text data
      to load encryption the text used function
      string DevXUnity.LoadEncryptedResourceText(string resource_name, string key)

    2. encryption image
      to download the encrypted image using function
      Texture2D DevXUnity.LoadEncryptedResourceTexure(string resource_name, string key, int width, int height, TextureFormat format, bool mipmap, bool linear)
             

    3. Encryption of other types available in binary form
      is used for loading the function
      byte[] DevXUnity.LoadEncryptedResourceBinary(string resource_name, string key)



You can also get advice and answers to questions by sending a request to the post unity3dobfuscator@gmail.com