Control Flow Protection

ID: ctrl flow
Preset: Normal
Availability:

This protection mangles the code in the methods. While it is possible to decompile the mangled code, the result won't make any sense to a human reading it.

Parameters

• type: This parameter define how ConfuserEx mangles the method code. Supported values are:

  • switch: ConfuserEx would insert a switch-base state machine to reorder the codes. (default)
  • jump: ConfuserEx would inserts jumps in methods to produce traditional spaghetti code. (Produces unverifiable modules)

• predicate: This parameter define how ConfuserEx store the state variable if type is set to switch. Supported values are:

  • normal: ConfuserEx would use the state variable directly. (default)
  • expression: ConfuserEx would encode the state variable using dynamically generated expressions.
  • x86: ConfuserEx would encode the state variable using dynamically generated native x86 expressions. This mode will disable the "AnyCPU" mode of an assembly.
    (Produces unverifiable modules)

• intensity: This parameter is a integer value from 0 to 100, indicating how large is each split code block. Default is 60.

• depth: This parameter define how deep is the generated expression if predicate is set to expression or x86. Default is 4.

• junk: This parameter is a boolean value indicates whether junk codes would be inserted. Default is false. (Produces unverifiable modules)

Example

<protection id="ctrl flow">
  <argument name="type" value="switch" />
  <argument name="predicate" value="expression" />
  <argument name="intensity" value="70" />
  <argument name="depth" value="6" />
  <argument name="junk" value="true" />
</protection>