Obfuscation of private method contents and private const strings

[joschmo80]

I tried the latest Obfuscar (2.2.33) with my .NET Core 6.0 project. While it worked, I saw two issues:

• Private const string values were not obfuscated (even though HideStrings was true).
• Private method contents were not obfuscated (not sure if your library supports this). This is important for say, a license module that uses RSA / SHA256 behind the scenes, a fact I do not want discoverable via dotPeek or other reflection program.

Thanks in advance!

[alberk8]

• const are are not obfuscated.
• Private method contents are not obfuscated just the name of the method is obfuscated.

[joschmo80]

Yes, that is my point? Can the above be implemented as features? To me, they are crucial:

• Private method contents may content proprietary info like algorithms or other security related info.
• Likewise for private const strings which may contain, say, encryption keys.

ConfuserEx supports both, but unfortunately doesn't support .NET Core yet (https://github.com/mkaring/ConfuserEx/issues/302)

[lextm]

Different obfuscation tool vendors might advertise their products in any way they like (ConfuserEx or not), but the fact is that decompiler and deobfuscator are out there to help reverse engineering.

https://docs.obfuscar.com/getting-started/basics.html#caveat

If you really want to protect something important, writing it in C#/Java or similar languages isn't the right way. Thus, for obfuscar what you see is what you get and no plan to add anything fancy.