I’ve 2 .NET c# application without any security features. I wanted to implement a security mechanism myself which i will describe below, and i would like your comments if this is would work or there are things which i dont know.
So, when i need to run MyApp, i run AuthenticationAPP, this app will ask me for a security code.
IF code is correct -> load MyApp;
ELSE -> do not load app
What i was wondering is if there is a method to bypass this kind of mechanism and therefore transforming my authenticaitonAPP in uselessAPP very easly or if those methods are hard to implement.
thank you for any ideas/clarification.
You need to prevent the .net runtime from loading and executing any of the assemblies in MyApp. To ensure that you need to specify code permissions for your assemblies.
The code permissions has to check for a condition that can only be set correctly by AuthentificationAPP. It could something as simple as an encrypted call parameter from AuthentificationAPP to MyApp.
Then you have to make sure that your code can’t be reverse engineered by a third party. So you have to look into code obfuscation and signing.
I think you can add code permissions on assembly level. So it could be that all you need is to add a single source file with assembly level code permissions and call context verification to each of you 1000 programs and the recompile those.