Presentation is loading. Please wait.

Presentation is loading. Please wait.

Paulo Marques, Bruno Cabral Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET.

Published bySamuel Maldonado Modified over 11 years ago

Similar presentations

Presentation on theme: "Paulo Marques, Bruno Cabral Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET."— Presentation transcript:

1 Paulo Marques, Bruno Cabral {pmarques,bcabral}@dei.uc.pt Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET

2 Code Instrumentation The ability to modify an application after it has been compiled but before (or during) its execution Application Scenarios: Security Verifications, Dynamic Code Optimizers, Profiling, Fault Injection, AOP, among others

3 RAIL Runtime Assembly Instrumentation Library http://rail.dei.uc.pt An API that allows CLR assemblies to be manipulated and instrumented before they are loaded and executed Currently, one of the main high-level code instrumentation libraries for.NET

4 But whats this RAIL API anyway? Simple example: How can you be sure that the application that youve downloaded from the Internet is not searching through your files??

5 RAIL Suppose that you can open the application executable and substitute all class references from File to SecureFileAccess!!!... File theSecret; theSecret = new File(secret.doc);... data = theSecret.read(); internet.send(...); Original File (but in binary code!) RAIL... SecureFileAccess theSecret; theSecret = new SecureFileAccess(secret.doc);... data = theSecret.read(); internet.send(...); New File (also in binary code...)

6 class SecureFileAccess { File theRealFile; boolean accessPermited; File theRealFile; boolean accessPermited; SecureFileAccess(String filename) { logfile.write(The foo is accessing {0}, name);... accessPermited = User.readPermitAccess(); theRealFile = new File(filename); } SecureFileAccess(String filename) { logfile.write(The foo is accessing {0}, name);... accessPermited = User.readPermitAccess(); theRealFile = new File(filename); } read() { if (accessPermited) { theRealFile.read(); } } read() { if (accessPermited) { theRealFile.read(); } }} theSecret Proxy class Real File Real reference to the file

7 RAIL Suppose that you can open the application executable and substitute all class references from File to SecureFileAccess!!!... File theSecret; theSecret = new File(secret.doc);... data = theSecret.read(); internet.send(...); Original File (but in binary code!) RAIL... SecureFileAccess theSecret; theSecret = new SecureFileAccess(secret.doc);... data = theSecret.read(); internet.send(...); New File (also in binary code...) // Load assembly into memory RAssemblyDef myAssembly = RAssemblyDef.LoadAssembly("Download.exe"); // Creates references for the old and new types to be used RType oldType = myAssembly.RModuleDef.GetType("File"); RType newType = myAssembly.RModuleDef.GetType("SecureFileAccess"); // Creates a reference replacer and apply the substitution ReferenceReplacer replacer = new ReferenceReplacer(oldType, newType); myAssembly.Accept(replacer);

8 Development Model

9 What can be done with RAIL? Iterate over code, injecting and removing code Replace Type references Add epilogues and prologues to methods Redirect method accesses and calls Redirect field and property accesses Redirect field access to properties Redirect field read and write access to methods Manipulate custom attributes Copy-Paste Types and Methods and IL code across assemblies Manipulate Exception Blocks Integration with CODEDOM

10 Operating System program.exe/dll PE Header MetadataIL ILx86 Source Code Compile Assembly JIT-compiler RAIL.cs

11 Structure of an Assembly

12 Object-Oriented Representation (diagram not complete)

13 RAILs Internal Structure Fully-configurable: Can use third-party libraries

14 // Source code to use string myProxy = @" using system; class SecureFileAccess { File theRealFile; boolean accessPermited; (...) }"; // Define the code in an assembly RAssemblyDef dynamicAssembly = RAssemblyDef.CreateRAssemblyFromCode(myProxy, false); (...) // Creates references for the old and new types to be used RType oldType = myAssembly.RModuleDef.GetType("File"); RType newType = dynamicAssembly.RModuleDef.GetType("SecureFileAccess"); // Creates a reference replacer and apply the substitution ReferenceReplacer replacer = new ReferenceReplacer(oldType, newType); myAssembly.Accept(replacer); Example Using CodeDom

15 Conclusion High Level of Abstraction No need for handling all the internal details of PEs At the same time, has the ability to manipulate IL code directly Object-oriented Model for representation of all assembly modules Flexible MSIL instruction handling Use of Design Patterns One of the main high-level code instrumentation libraries for.NET

16

17 Questions? http://rail.dei.uc.pt

Download ppt "Paulo Marques, Bruno Cabral Dependable Systems Group University of Coimbra, Portugal RAIL: Code Instrumentation for.NET."

Similar presentations

Ahead of Time Dynamic Translation PreJit/NGEN by any other name George Bosworth Microsoft MRE04 March 21, 2004.

Ahead of Time Dynamic Translation PreJit/NGEN by any other name George Bosworth Microsoft MRE04 March 21, 2004.
By Sam Nasr September 28, 2004 Understanding MSIL.

By Sam Nasr September 28, 2004 Understanding MSIL.
.NET Framework Overview

.NET Framework Overview
Using.NET Platform Note: Most of the material of these slides have been taken & extended from Nakov’s excellent overview for.NET framework, MSDN and wikipedia.

Using.NET Platform Note: Most of the material of these slides have been taken & extended from Nakov’s excellent overview for.NET framework, MSDN and wikipedia.
Creating a Dialog-Based Comet Windows Program Brian Levantine.

Creating a Dialog-Based Comet Windows Program Brian Levantine.
Kit Chan (kichan@yahoo-inc.com) ATS Lua Plugin Kit Chan (kichan@yahoo-inc.com) Hi, My name is kit.

Kit Chan ATS Lua Plugin Kit Chan Hi, My name is kit.
CS 31003: Compilers ANIRUDDHA GUPTA 11CS10004 G2 CLASS DATE : 24/07/2013.

CS 31003: Compilers ANIRUDDHA GUPTA 11CS10004 G2 CLASS DATE : 24/07/2013.
.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.

.NET IL Obfuscation Presented by: Sarath Chandra Dorbala.
Debugging Production SharePoint Applications Wouter van Vugt.

Debugging Production SharePoint Applications Wouter van Vugt.
Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.

Introducing the Common Language Runtime for.NET. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution.
Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.

Introducing the Common Language Runtime. The Common Language Runtime The Common Language Runtime (CLR) The Common Language Runtime (CLR) –Execution engine.
Protection of Agent Teamwork By Jeremy Hall. Agent Teamwork Overview ● Mobile agent framework  AgentTeamwork 2 is a mobile-agent based middleware system.

Protection of Agent Teamwork By Jeremy Hall. Agent Teamwork Overview ● Mobile agent framework  AgentTeamwork 2 is a mobile-agent based middleware system.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Microsoft ® Official Course Monitoring and Troubleshooting Custom SharePoint Solutions SharePoint Practice Microsoft SharePoint 2013.

Microsoft ® Official Course Monitoring and Troubleshooting Custom SharePoint Solutions SharePoint Practice Microsoft SharePoint 2013.
Intro to dot Net Dr. John Abraham UTPA – Fall 09 CSCI 3327.

Intro to dot Net Dr. John Abraham UTPA – Fall 09 CSCI 3327.
A Free sample background from www.powerpointbackgrounds.com © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.

A Free sample background from © 2001 By Default!Slide 1.NET Overview BY: Pinkesh Desai.
Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.
Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.

Introduction to the Enterprise Library. Sounds familiar? Writing a component to encapsulate data access Building a component that allows you to log errors.
Lecture Roger Sutton CO530 Automation Tools 5: Class Libraries and Assemblies 1.

Lecture Roger Sutton CO530 Automation Tools 5: Class Libraries and Assemblies 1.
.NET Framework Introduction: Metadata

.NET Framework Introduction: Metadata

Similar presentations

Ads by Google