Obfuz多态dll文件加密

作者:追风剑情 发布于:2026-1-28 14:10 分类:Unity3d

  默认情况下Assembly.Load需要传入标准的dll文件,意味着恶意破解者有办法获得完整的原始dll文件,或者加载恶意的第三方dll,这给开发者带来巨大的安全风险。 即使对dll文件进行加密,恶意破解者只要hook了Assembly.Load入口位置,仍然可以dump出完整的原始dll文件。

obfuz通过支持多态dll文件,有效对抗这种dump或者篡改dll的行为。

一、设置 Project Settings

1.png

(1)勾上 Enable,启用多态DLL机制。
(2)设置生成多态DLL使用的随机化密钥 “Code Generation Secret Key”。
(3)勾上 “Disable Load Standard”,禁止加载标准结构的dll。

二、修改菜单脚本 

using HybridCLR.Editor;
using HybridCLR.Editor.AOT;
using HybridCLR.Editor.Commands;
using NUnit.Framework;
using Obfuz.Settings;
using Obfuz4HybridCLR;
using System.Collections.Generic;
using System.IO;
using UnityEditor;
using UnityEngine;

public class HybridCLREditor
{
    // 进一步剔除AOT dll中非泛型函数元数据,输出到StrippedAOTAssembly2目录下
    [MenuItem("HybridCLR/Strip AOT Assembly")]
    public static void StripAOTAssembly()
    {
        BuildTarget target = EditorUserBuildSettings.activeBuildTarget;
        string srcDir = SettingsUtil.GetAssembliesPostIl2CppStripDir(target);
        string dstDir = $"{SettingsUtil.HybridCLRDataDir}/StrippedAOTAssembly2/{target}";
        foreach (var src in Directory.GetFiles(srcDir, "*.dll"))
        {
            string dllName = Path.GetFileName(src);
            string dstFile = $"{dstDir}/{dllName}";
            AOTAssemblyMetadataStripper.Strip(src, dstFile);
        }
    }

    [MenuItem("HybridCLR/ObfuzExtension/CompileAndObfuscateAndCopyToStreamingAssets")]
    public static void CompileAndObfuscateAndCopyToStreamingAssets()
    {
        BuildTarget target = EditorUserBuildSettings.activeBuildTarget;
        CompileDllCommand.CompileDll(target);

        string obfuscatedHotUpdateDllPath = PrebuildCommandExt.GetObfuscatedHotUpdateAssemblyOutputPath(target);
        ObfuscateUtil.ObfuscateHotUpdateAssemblies(target, obfuscatedHotUpdateDllPath);

        Directory.CreateDirectory(Application.streamingAssetsPath);

        string hotUpdateDllPath = $"{SettingsUtil.GetHotUpdateDllsOutputDirByTarget(target)}";
        List<string> obfuscationRelativeAssemblyNames = ObfuzSettings.Instance.assemblySettings.GetObfuscationRelativeAssemblyNames();

        foreach (string assName in SettingsUtil.HotUpdateAssemblyNamesIncludePreserved)
        {
            string srcDir = obfuscationRelativeAssemblyNames.Contains(assName) ? obfuscatedHotUpdateDllPath : hotUpdateDllPath;
            string srcFile = $"{srcDir}/{assName}.dll";
            string dstFile = $"{Application.streamingAssetsPath}/{assName}.dll.bytes";
            if (File.Exists(srcFile))
            {
                File.Copy(srcFile, dstFile, true);
                Debug.Log($"[CompileAndObfuscate] Copy {srcFile} to {dstFile}");
            }
        }
    }

    //生成 混淆+多态 DLL
    [MenuItem("HybridCLR/ObfuzExtension/CompileAndObfuscatePolymorphicDll")]
    public static void CompileAndObfuscatePolymorphicDll()
    {
        BuildTarget target = EditorUserBuildSettings.activeBuildTarget;
        CompileDllCommand.CompileDll(target);

        string obfuscatedHotUpdateDllPath = PrebuildCommandExt.GetObfuscatedHotUpdateAssemblyOutputPath(target);
        //生成混淆DLL
        ObfuscateUtil.ObfuscateHotUpdateAssemblies(target, obfuscatedHotUpdateDllPath);

        Directory.CreateDirectory(Application.streamingAssetsPath);

        string hotUpdateDllPath = $"{SettingsUtil.GetHotUpdateDllsOutputDirByTarget(target)}";
        List<string> obfuscationRelativeAssemblyNames = ObfuzSettings.Instance.assemblySettings.GetObfuscationRelativeAssemblyNames();

        string srcDir = string.Empty;
        string dstDir = string.Empty;
        string srcFile = string.Empty;
        string dstFile = string.Empty;
        foreach (string assName in SettingsUtil.HotUpdateAssemblyNamesIncludePreserved)
        {
            srcDir = obfuscationRelativeAssemblyNames.Contains(assName) ? obfuscatedHotUpdateDllPath : hotUpdateDllPath;
            srcFile = $"{srcDir}/{assName}.dll";
            dstFile = $"{Application.streamingAssetsPath}/{assName}.dll.bytes";
            if (File.Exists(srcFile))
            {
                //File.Copy(srcFile, dstFile, true);
                //生成多态DLL
                ObfuscateUtil.GeneratePolymorphicDll(srcFile, dstFile);
                Debug.Log($"[ObfuscateAndPolymorphic] Copy {srcFile} to {dstFile}");
            }
        }

        //需要生成多态DLL的补充元数据程序集
        List<string> metadataAssemblies = new List<string> { "mscorlib" };
        foreach (string assName in metadataAssemblies)
        {
            srcDir = SettingsUtil.GetAssembliesPostIl2CppStripDir(target);
            dstDir = $"{SettingsUtil.HybridCLRDataDir}/StrippedAOTAssembly2/{target}";
            srcFile = $"{srcDir}/{assName}.dll";
            dstFile = $"{Application.streamingAssetsPath}/{assName}.dll.bytes";
            if (!File.Exists(srcFile))
                continue;
            //生成多态DLL
            ObfuscateUtil.GeneratePolymorphicDll(srcFile, dstFile);
            Debug.Log($"[ObfuscateAndPolymorphic] Copy {srcFile} to {dstFile}");
        }
    }
}

4.png

依次执行菜单 【HybridCLR】->ObfuzExtension->GenerateAll 和 【HybridCLR】->ObfuzExtension->CompileAndObfuscatePolymorphicDll 命令。在工程的 StreamingAssets 目录下可以看到经混淆加多态后的dll。

5.png

HotUpdate.dll是逻辑程序集,mscorlib.dll是补充元数据程序集。

三、ILSpy查看dll

2.png

从 ILSpy 的反编译截图可看出,生成多态后的DLL已经无法被反编译。

四、打包运行测试

从屏幕打印出的日志可以看出生成多态后的DLL被正常加载执行。
3.png

标签: Unity3d

HybridCLR代码混淆»
Powered by emlog  蜀ICP备18021003号-1   sitemap

川公网安备 51019002001593号