Forum Discussion

jellevanurk_Salland's avatar
jellevanurk_Salland
Copper Contributor
Jan 16, 2024

Obfuscation and MSIX installers using WAPP

Dear community,

 

To keep up to date with the market, we are moving our installers to MSIX installers instead of MSI installers.

 

We however noticed that our postbuild events that obfuscate code of our projects is visible again when we deploy our "windows application packaging project".

 

When trying to fix this, we noticed that the in the deploy stage files that are obfuscated would trigger are rebuild.

 

We are making use of .a post build event that kicks of a bat script to trigger .NET Reactor for our obfuscation.

 

How do you all handle obfuscation in your MSIX deployment stage? Since we can not find any real documentation in regards to it.

 

Kind regards,

Jelle van Urk

5 Replies

  • ekalchev's avatar
    ekalchev
    Brass Contributor
    Mar 06, 2025

    Why you want to obfuscate during installation? Why don't you do that as post build step and put obfuscated files in MSIX?

  • martin999's avatar
    martin999
    Copper Contributor
    Feb 25, 2025

    Don't bother. Obfuscating MSIX is such a f***ing nightmare it really isn't worth the trouble. Just stick with MSI until MS make MSIX useable, which of course they never will given that it is now years old and all their resources are focussed on AI. As far as they are concerned desktop is dead anyway.

  • Dami178's avatar
    Dami178
    Copper Contributor
    Jan 20, 2024

    Hello jellevanurk_Salland ,

     

    I had the same problem and I thought that it was a bug but I don't think so. Here what I'have done (1) and what I did to solve the problem. (2)

     

    1) I was running the postbuild (containing the dotreactor cmd) on the installerProject (the wapproj) and I was produicing ofuscating the dlls on MyAppInstaller\bin\x86\Release\MyApp

     

    (Remarks: the dlls are well ofuscated, but wapproj does'nt seem to get the dlls from here).

     

    2) Instead, I migrated the postbuild from the wapproj to the csproj of my app and I generated it on :

    output/ and the output/msixbundle. (remark: I had to do some adaptation to match the path ofc).

     

    By doing so, when I install the app through the installer and I check the dlls inside the WindowsApp/yourProject, the dll are in fact now really obfuscated.

     

    Have a great day. 🙂

     

     

    • jellevanurk_Salland's avatar
      jellevanurk_Salland
      Copper Contributor
      Jan 22, 2024
      Hey Dami178 ,

      do I understand correctly the following:
      "Instead of postbuild obfuscating the installer, you postbuild all the projects that are used"?

      If that is the case, let me explain our siutation a little more.

      We have several projects for several layers in our WPF application.
      ProjectX.Application --> ProjectX.Application\bin\x64\Release\net6.0\win-x64
      ProjectX.Core --> ProjectX.Core\bin\x64\Release\net6.0\win-x64
      ProjectX.Common --> ProjectX.Common\bin\x64\Release\net6.0\win-x64
      ProjectX.GUI <- entry project --> ProjectX.GUI\bin\x64\Release\net6.0-windows\win-x64
      ProjectX.Installer --> ProjectX.Installer\bin\x64\Release\ProjectX.Gui

      If I understood correctly you would add a separate postbuild event to each of them and that should fix it according to you?

      Kind regards,

      Jelle
      • Dami178's avatar
        Dami178
        Copper Contributor
        Jan 23, 2024

        jellevanurk_Salland 

         

        1) Yes I've migrated the postbuild to the project which contains all the app source code.

        2) I think that yes in this case, you will have to create several postbuilds one for each project.

         

        Don't hesitate to install and check inside the C:\Program Files\WindowsApps\YourApp to verify that the dlls are in fact obfuscated.

         

        Best regards,

Resources