Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Betr.: Exploiting C# Issues

from [Aleksander P. Czarnowski] Network Security [Permanent Link]
Subject: RE: Betr.: Exploiting C# Issues
Date: Mon, 7 Feb 2005 00:11:06 +0100 
Hello,


-----Original Message-----
From: Philip Wagenaar [mailto:p.wagenaar@accon.nl]
Sent: Friday, February 04, 2005 9:44 AM
To: pen-test@securityfocus.com
As you know C#,VB.NET and Cobolt.NET etc etc all compile into the 
Common Runtime Language.


True, however keep in mind that every compiler has it's own set of 
idiosyncrasy, read: optimization that result in a way it creates CLR code. For 
example VB compiler is inserting nop opcodes sometimes probably for easier 
breakpoint insertion during debugging. A good example of how compilers differ 
might be how internally Win32 C++ compilers pass "this": most are using ecx 
register but not all.   
 

I am not aware of any big weaknesses in the CLR, but I would 
search for papers on the CLR instead of a specific .Net Language.

Start with reading something about .NET security model. As for CRL code you can 
use IDA Pro or ILDASM (which is free and comes with SDK) to look for problems 
at compiled code level. You can also look at places where unmanaged code is 
being called as it might be possible that while there is no vulnerability in 
particular CLR application by itself you might be able to exploit security 
problem in called DLL.

Exploiting .NET is similar to exploiting weaknesses in Java VMs; I would start 
looking at already described class of problems for most popular JVM 
implementations and try to do the same to .NET Framework. 

Also keep in mind that .NET Framework Beta 2 is available to download.

Best Regards,
Aleksander Czarnowski
AVET INS
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: router stress testing tools, neil gardner
Next by Date:  RE: Wireless Pentest Question, Harshul Nayak
Previous by Thread:  Re: Betr.: Exploiting C# Issues, Barrie Dempster
Next by Thread:  Re: Betr.: Exploiting C# Issues, Philip Wagenaar
Indexes:  [Date] [Thread] [Top] [All Lists]