Paulo Marques, Bruno Cabral Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET.

Slides:



Advertisements
Similar presentations
Ahead of Time Dynamic Translation PreJit/NGEN by any other name George Bosworth Microsoft MRE04 March 21, 2004.
Advertisements

By Sam Nasr September 28, 2004 Understanding MSIL.
.NET Framework Overview
Using.NET Platform Note: Most of the material of these slides have been taken & extended from Nakov’s excellent overview for.NET framework, MSDN and wikipedia.
Creating a Dialog-Based Comet Windows Program Brian Levantine.
Kit Chan ATS Lua Plugin Kit Chan Hi, My name is kit.
CS 31003: Compilers ANIRUDDHA GUPTA 11CS10004 G2 CLASS DATE : 24/07/2013.
.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.
Debugging Production SharePoint Applications Wouter van Vugt.
Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.
Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.
Protection of Agent Teamwork By Jeremy Hall. Agent Teamwork Overview ● Mobile agent framework  AgentTeamwork 2 is a mobile-agent based middleware system.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Microsoft ® Official Course Monitoring and Troubleshooting Custom SharePoint Solutions SharePoint Practice Microsoft SharePoint 2013.
Intro to dot Net Dr. John Abraham UTPA – Fall 09 CSCI 3327.
A Free sample background from © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.
Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.
Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.
Lecture Roger Sutton CO530 Automation Tools 5: Class Libraries and Assemblies 1.
.NET Framework Introduction: Metadata
Introduction to .Net Framework
© 2008 Dr. Paul Walcott – The University of the West Indies: Cave Hill CampusDr. Paul Walcott COMP6325 Advanced Web Technologies Dr. Paul Walcott The University.
CIS NET Applications1 Chapter 2 –.NET Component- Oriented Programming Essentials.
.NET Framework & C#.
Bruno Cabral Summary Vision Statement Process and Methodology Key Features Application scenarios What can we really do with RAIL?
 Internet providing backbone for applications  Use of several web sites and devices to provide one complete solution  Software as services  Quick software.
Lecture 8 Inheritance Richard Gesick. 2 OBJECTIVES How inheritance promotes software reusability. The concepts of base classes and derived classes. To.
Bacon A Penetration and Auditing Framework Hernan Gips
.NET Framework Overview
ASSEMBLIES AND THE GAC CHAPTER 1, LESSONS 4-7 & LAB.
.NET Framework Danish Sami UG Lead.NetFoundry
Plug-In Architecture Pattern. Problem The functionality of a system needs to be extended after the software is shipped The set of possible post-shipment.
Chapter 8 Object Design Reuse and Patterns. Object Design Object design is the process of adding details to the requirements analysis and making implementation.
Instrumentation in Software Dynamic Translators for Self-Managed Systems Bruce R. Childers Naveen Kumar, Jonathan Misurda and Mary.
PRIOR TO WEB SERVICES THE OTHER TECHNOLOGIES ARE:.
Getting Started with.NET Getting Started with.NET/Lesson 1/Slide 1 of 31 Objectives In this lesson, you will learn to: *Identify the components of the.NET.
Object Oriented Software Development 4. C# data types, objects and references.
JDBC CS 260 Database Systems. Overview  Introduction  JDBC driver types  Eclipse project setup  Programming with JDBC  Prepared statements  SQL.
Wel come To Seminar On C#.
Bruno Cabral “Reflection, Code Generation and Instrumentation in the.NET platform” University of Coimbra.
INTRODUCTION CHAPTER #1 Visual Basic.NET. VB.Net General features It is an object oriented language  In the past VB had objects but focus was not placed.
July 22, 2001Introduction to.NET1 Introduction to.NET Framework Gholamali Semsarzadeh July 2001.
Text Introduction to.NET Framework. CONFIDENTIAL Agenda .NET Training – Purpose  What is.NET?  Why.NET?  Advantages  Architecture  Components: CLR,
1 ROGUE Dynamic Optimization Framework Using Pin Vijay Janapa Reddi PhD. Candidate - Electrical And Computer Engineering University of Colorado at Boulder.
Plug-In Architecture Pattern. Problem The functionality of a system needs to be extended after the software is shipped The set of possible post-shipment.
Integrating and Extending Workflow 8 AA301 Carl Sykes Ed Heaney.
METADATA IN.NET Presented By Sukumar Manduva. INTRODUCTION  What is Metadata ? Metadata is a binary information which contains the complete description.
OE-NIK HP Advanced Programming Using and creating DLL files.
Just-In-Time Compilation. Introduction Just-in-time compilation (JIT), also known as dynamic translation, is a method to improve the runtime performance.
Computer System Structures
What is .NET.
Using Application Domains Effectively
Data Transport for Online & Offline Processing
Coding Defensively Coding Defensively
C# and the .NET Framework
CE-105 Spring 2007 Engr. Faisal ur Rehman
Overview of C.
2.1. Compilers and Interpreters
.NET and .NET Core 2. .NET Runtimes Pan Wuming 2017.
CS360 Windows Programming
Chapter 3 The .NET Framework Class Library (FCL)
Module 1: Getting Started
Lecture 22 Inheritance Richard Gesick.
Module 10: Implementing Managed Code in the Database
Introduction to AppDomains
Understanding DLLs and headers, and libs… Jeff Chastine.
SPL – PS1 Introduction to C++.
IS 135 Business Programming
Example Simple graph Binary Decision Tree Binary Decision Diagram …
Plug-In Architecture Pattern
Presentation transcript:

Paulo Marques, Bruno Cabral Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET

Code Instrumentation The ability to modify an application after it has been compiled but before (or during) its execution Application Scenarios: Security Verifications, Dynamic Code Optimizers, Profiling, Fault Injection, AOP, among others

RAIL Runtime Assembly Instrumentation Library An API that allows CLR assemblies to be manipulated and instrumented before they are loaded and executed Currently, one of the main high-level code instrumentation libraries for.NET

But whats this RAIL API anyway? Simple example: How can you be sure that the application that youve downloaded from the Internet is not searching through your files??

RAIL Suppose that you can open the application executable and substitute all class references from File to SecureFileAccess!!!... File theSecret; theSecret = new File(secret.doc);... data = theSecret.read(); internet.send(...); Original File (but in binary code!) RAIL... SecureFileAccess theSecret; theSecret = new SecureFileAccess(secret.doc);... data = theSecret.read(); internet.send(...); New File (also in binary code...)

class SecureFileAccess { File theRealFile; boolean accessPermited; File theRealFile; boolean accessPermited; SecureFileAccess(String filename) { logfile.write(The foo is accessing {0}, name);... accessPermited = User.readPermitAccess(); theRealFile = new File(filename); } SecureFileAccess(String filename) { logfile.write(The foo is accessing {0}, name);... accessPermited = User.readPermitAccess(); theRealFile = new File(filename); } read() { if (accessPermited) { theRealFile.read(); } } read() { if (accessPermited) { theRealFile.read(); } }} theSecret Proxy class Real File Real reference to the file

RAIL Suppose that you can open the application executable and substitute all class references from File to SecureFileAccess!!!... File theSecret; theSecret = new File(secret.doc);... data = theSecret.read(); internet.send(...); Original File (but in binary code!) RAIL... SecureFileAccess theSecret; theSecret = new SecureFileAccess(secret.doc);... data = theSecret.read(); internet.send(...); New File (also in binary code...) // Load assembly into memory RAssemblyDef myAssembly = RAssemblyDef.LoadAssembly("Download.exe"); // Creates references for the old and new types to be used RType oldType = myAssembly.RModuleDef.GetType("File"); RType newType = myAssembly.RModuleDef.GetType("SecureFileAccess"); // Creates a reference replacer and apply the substitution ReferenceReplacer replacer = new ReferenceReplacer(oldType, newType); myAssembly.Accept(replacer);

Development Model

What can be done with RAIL? Iterate over code, injecting and removing code Replace Type references Add epilogues and prologues to methods Redirect method accesses and calls Redirect field and property accesses Redirect field access to properties Redirect field read and write access to methods Manipulate custom attributes Copy-Paste Types and Methods and IL code across assemblies Manipulate Exception Blocks Integration with CODEDOM

Operating System program.exe/dll PE Header MetadataIL ILx86 Source Code Compile Assembly JIT-compiler RAIL.cs

Structure of an Assembly

Object-Oriented Representation (diagram not complete)

RAILs Internal Structure Fully-configurable: Can use third-party libraries

// Source code to use string myProxy using system; class SecureFileAccess { File theRealFile; boolean accessPermited; (...) }"; // Define the code in an assembly RAssemblyDef dynamicAssembly = RAssemblyDef.CreateRAssemblyFromCode(myProxy, false); (...) // Creates references for the old and new types to be used RType oldType = myAssembly.RModuleDef.GetType("File"); RType newType = dynamicAssembly.RModuleDef.GetType("SecureFileAccess"); // Creates a reference replacer and apply the substitution ReferenceReplacer replacer = new ReferenceReplacer(oldType, newType); myAssembly.Accept(replacer); Example Using CodeDom

Conclusion High Level of Abstraction No need for handling all the internal details of PEs At the same time, has the ability to manipulate IL code directly Object-oriented Model for representation of all assembly modules Flexible MSIL instruction handling Use of Design Patterns One of the main high-level code instrumentation libraries for.NET

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.