Pen Testing with Iron Andrew Wilson Trustwave SpiderLabs

Ubiquitous Hello Application Security Consultant Ex-Software Developer– Microsoft MVP Long walks on the beach Dancing in the rain

Goals Why Bother? Introduction to the DLR & CLR Getting Running Examples: Reflection and Disassembly Leveraging Existing Tools Driving Applications with Scripts

Why Bother? Best of Both Worlds Deeper Reach Simplification

Python & Ruby: Make Developers Security Testers Happy! Awesome at Scripting & Interactive Development (read: rapid prototyping) Incapable (normally) of interaction with.NET 

.NET Framework Is: Awesome in library, connectivity, and tooling Commonly used by companies you test Sucky at scripting and interactive programming

CLR <3 Focuses concerns against business problems Handles: Memory Management Metadata JIT Common Type System

DLR <3

Expression Trees Translate code from one language to MSIL Introduced in.Net 3.5 via Linq

DLR+CLR Peace Love & Harmony Bi-Directional support: DLR – CLR (Ex. Python – CLR) CLR – DLR (Ex. CLR – Embedded Python)

IronPython Significantly more mature (circa 2006) Better support for existing Python applications Loads apps by being manually added to lib

IronRuby Needs your support Just obtained Visual Studio Support Loads assemblies via igem (instead of gem) install

Getting Started You will need: IronRuby OR IronPython Language tools are optional Visual Studio Express OR MonoDevelop Reflector

Use Cases: Disassembly / Reflection Existing Tooling Driving Applications via Scripts

No Disassemble!

Reflection::noitcelfeR.NET has reflection– but it sucks Ruby has reflection– and it rules Always Cheat, Always win.

Use Existing Tools

Some things aren‘t 100% supported Workarounds are in progress & inevitable Gains are still decent & getting better

THE POWER OF GRAYSKULL!!

When Not To Use: When You Can’t Testing Web Applications You Can Debug Natively When Native Tools Are Better

Closing Thoughts No Free Lunches Offers Unique Opportunities Projects In Transition

QA