1 / 22

Practical Disassembling

Practical Disassembling. Jason Haley. Who is this guy?. Certifiable (MCSD.net certified that is) Blog – http://jasonhaley.com/blog Leader of Beantown.Net User Group Member of Boston Area Code Brew NerdDinners.com for Boston area TA for Programming .Net at Harvard

leyna
Download Presentation

Practical Disassembling

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Practical Disassembling Jason Haley

  2. Who is this guy? • Certifiable (MCSD.net certified that is) • Blog – http://jasonhaley.com/blog • Leader of Beantown.Net User Group • Member of Boston Area Code Brew • NerdDinners.com for Boston area • TA for Programming .Net at Harvard • Sr. Software Engineer - Cheshire Software

  3. Disassembling is useful • View all pieces of an assembly file • View compiled code • Translate IL to a higher level language • See how efficient your code is • Edit IL code to fine tune

  4. Example of disassembling • Is disassembling complicated? • Demo: Reflector or ILDasm

  5. Agenda • Define disassembling • Introduce three disassemblers • Dive into disassembling

  6. What is disassembling? • Disassembling is not reflection • Disassemble or decompile? • Demos: ILDasm, Reflector

  7. What is an assembly file? • PE/COFF Information • Metadata • IL code • Demo: ILDasm

  8. Agenda • Define disassembling • Introduce three disassemblers • Dive into disassembling

  9. ILDasm • MSIL Disassembler – Comes with the .Net Framework SDK • Disassembles to IL • Designed to create valid input for ILasm • Demo: Look at the application

  10. Reflector for .Net • Lutz Roeder – http://www.aisto.com/roeder/dotnet • Great code browsing tool • Add-ins created by community - http://www.aisto.com/incoming/Reflector/AddIns/ • Demo: Reflector and its add-ins

  11. DILE – Dotnet IL Editor • Open source (Zsolt Petreny) – http://sourceforge.net/projects/dile • Disassembles to IL • Quick search for name and tokens • Debugger functionality • Debug IL • Attach to running process • Demo: Look at the application

  12. Agenda • Define disassembling • Introduce three disassemblers • Dive into Disassmbling

  13. Taking assemblies apart • Unmanaged parts • Managed parts • Demos: Reflector, ILDasm

  14. Round tripping assemblies • What is it? • Why would you want to do it? • Demos: ILDasm, Reflector, AL

  15. Stepping through assemblies • Debugging third party assemblies • VS.Net – the Assembler experience • DILE – the IL experience • Demo: VS.Net, DILE

  16. Should you protect your code? • Managed resources • Disassemble or decompile not necessary • Strong name signing • Demo: RFE, ILDasm

  17. Some protection options • Server side • Sell source • Encryption • Fingerprint or watermark • Obfuscation • Demo: Dotfuscator

  18. Summary • What is disassembling and decompiling? • Is disassembling hard? • What is a disassembler and what can it do for you? • What are some options to protect your code? • Why do you care?

  19. Resources • .Net SDK (especially ILDasm) • Reflector - http://www.aisto.com/roeder/dotnet/ • DILE - http://sourceforge.net/projects/dile • Standard ECMA-335 – CLI – http://ecma-international.org/publications/standards/Ecma-335.htm • CIL Programming by Jason Bock

  20. Disassemblers/Decompilers • ILDasm • Reflector for .Net • DILE – Dotnet IL Editor • Monodis • Asmex – Free source .Net Assembly Examiner • Dis# - .Net decompiler • .Net Explorer • Spices.Net

  21. Code protection • Dotfuscator • Salamander .Net Obfuscator and Protector • Demeanor for .Net • CodeVeil • LSW-IL Obfuscator • SecureLM Code Protector • Spices.Net • Decompiler.Net • {smartassembly}

  22. Questions ?

More Related