BaSs_HaXoR

Simple Decompiler Hack: Prevent skids from Decompiling

Sep 28th, 2014
http://www.codeproject.com/Articles/670737/Csharp-Prevent-Reflector-from-Decompiling


The main idea is this: you change the value of NumberOfRvaAndSizes in the optional header (IMAGE_OPTIONAL_HEADER) of your application.
This will prevent decompilers from seeing your code and make them give an error that there are too many NT headers.

Note that NumberOfRvaAndSizes is usually 16 (0x10) in any PE; however, we can change that value to any number between 0x6 and 0x9. Values outside this range will crash the application.

This value holds the number of data directories (IMAGE_DATA_DIRECTORY). Reflector's problem is that it always expects the value to be 16, even though the application doesn't require that.

Modifying the Optional Header
The value of NumberOfRvaAndSizes is always stored on the 244th byte (0x00000F4), so you can change that value with a simple hex editor.


++++++++++++++++++++++++++++++++++++++CONS+++++++++++++++++++++++++++++++++++++++++++++
Might not work on 64-bit systems
Not a "global" fix; other decompilers can still get the source code
Still a weak method; any skilled cracker would notice that
++++++++++++++++++++++++++++++++++++++CONS+++++++++++++++++++++++++++++++++++++++++++++

Doing so will display something like this: "Invalid number of data directories in NT header", and leave your source safe from kiddies :p.
Meow.
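
An added example (not part of the original paste or the CodeProject article): a Python check that locates NumberOfRvaAndSizes by walking the headers instead of assuming offset 0xF4, and flags any value other than the usual 16, which is how an analyst spots this trick. The function names and the header-only sample bytes are constructed for illustration.

```python
import struct

EXPECTED_DIRS = 16  # usual NumberOfRvaAndSizes, as stated in the text above
# Offset of NumberOfRvaAndSizes inside the optional header, keyed by Magic.
FIELD_OFFSET = {0x10B: 92, 0x20B: 108}  # PE32, PE32+ (64-bit)

def number_of_rva_and_sizes(pe):
    """Return (file_offset, value) of NumberOfRvaAndSizes in a PE image."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    opt = e_lfanew + 4 + 20  # skip signature and IMAGE_FILE_HEADER
    if len(pe) < opt + 2:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic not in FIELD_OFFSET:
        raise ValueError("unknown optional header magic")
    field = opt + FIELD_OFFSET[magic]
    if len(pe) < field + 4:
        raise ValueError("truncated optional header")
    (count,) = struct.unpack_from("<I", pe, field)
    return field, count

def is_tampered(pe):
    """True when the data directory count differs from the usual 16."""
    return number_of_rva_and_sizes(pe)[1] != EXPECTED_DIRS

def build_sample(count, e_lfanew=0x80, magic=0x10B):
    """Constructed header-only bytes for the demo; not a runnable executable."""
    buf = bytearray(e_lfanew + 24 + 112)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, e_lfanew)
    buf[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    struct.pack_into("<H", buf, e_lfanew + 24, magic)
    struct.pack_into("<I", buf, e_lfanew + 24 + FIELD_OFFSET[magic], count)
    return bytes(buf)

if __name__ == "__main__":
    for label, sample in [("normal PE32", build_sample(16)),
                          ("count set to 6", build_sample(6)),
                          ("PE32+ header", build_sample(16, magic=0x20B))]:
        off, n = number_of_rva_and_sizes(sample)
        print(f"{label}: offset=0x{off:X} count={n} tampered={is_tampered(sample)}")
```

The field lands at 0xF4 only for a PE32 image whose e_lfanew is 0x80; a PE32+ header or a different e_lfanew moves it, so a scanner should compute the offset as above.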