This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

.Net Assembly Analyzer

From OWASP
Jump to: navigation, search

.Net Assembly Analyzer is a tool that uses reflection to analyze .Net (i.e. MSIL) code.


Development notes

  • The base functionality is now created (first analysis of assemblies, storing of data in object, XML serialization, and storage of all calls made from each method (using MSIL analysis)
  • What needs to happen next is for each call discovered, store its reference (as a callback) in the target method (this is a bit complicated because we must make sure that the signatures match)
  • Once that is done, the next step will be do create quick spiders that will use the populated objects to map the possible paths


Download

You can download the current version from here AssemblyAnalyzer v0.2.zip.ppt (remove the .ppt to unzip)

Info

The current version takes an assembly and creates an XML file containg the following information

namespace Owasp.AssemblyAnalyzer
{
   [Serializable]
   public class AssemblyRawData
   {        
       public List<aAssembly> aAssemblies = new List<aAssembly>();
   }
   [Serializable]
   public class aAssembly
   {
       [XmlAttribute()] public string Name = "";
       public List<String> strAttributes = new List<String>();
       public List<mModule> mModules = new List<mModule>();
   }
   [Serializable]
   public class mModule
   {
       [XmlAttribute()] public string Name;
       public string FullyQualifiedName;
       public List<tType> tTypes = new List<tType>();
   }
   [Serializable]
   public class tType
   {
       [XmlAttribute()] public string FullName;  
       [XmlAttribute()] public string Name;
       [XmlAttribute()] public string Namespace;        
       [XmlAttribute()] public bool bIsAbstract;
       [XmlAttribute()] public bool bIsAnsiClass;
       [XmlAttribute()] public bool bIsArray;
       [XmlAttribute()] public bool bIsAutoClass;
       [XmlAttribute()] public bool bIsAutoLayout;
       [XmlAttribute()] public bool bIsByRef;
       [XmlAttribute()] public bool bIsClass;
       [XmlAttribute()] public bool bIsCOMObject;
       [XmlAttribute()] public bool bIsContextful;
       [XmlAttribute()] public bool bIsEnum;
       [XmlAttribute()] public bool bIsExplicitLayout;
       [XmlAttribute()] public bool bIsGenericParameter;
       [XmlAttribute()] public bool bIsGenericType;
       [XmlAttribute()] public bool bIsGenericTypeDefinition;
       [XmlAttribute()] public bool bIsImport;
       [XmlAttribute()] public bool bIsInterface;
       [XmlAttribute()] public bool bIsLayoutSequential;
       [XmlAttribute()] public bool bIsMarshalByRef;
       [XmlAttribute()] public bool bIsNested;
       [XmlAttribute()] public bool bIsNestedAssembly;
       [XmlAttribute()] public bool bIsNestedFamily;
       [XmlAttribute()] public bool bIsNestedPrivate;
       [XmlAttribute()] public bool bIsNestedPublic;
       [XmlAttribute()] public bool bIsNotPublic;
       [XmlAttribute()] public bool bIsPointer;
       [XmlAttribute()] public bool bIsPrimitive;
       [XmlAttribute()] public bool bIsPublic;
       [XmlAttribute()] public bool bIsSealed;
       [XmlAttribute()] public bool bIsSerializable;
       [XmlAttribute()] public bool bIsSpecialName;
       [XmlAttribute()] public bool bIsUnicodeClass;
       [XmlAttribute()] public bool bIsValueType;
       [XmlAttribute()] public bool bIsVisible;
       public string strTypeAttributes;
       public List<String> strAttributes = new List<String>();
       public List<mMethod> mMethods = new List<mMethod>();
       public List<fField> fFields = new List<fField>();
       public List<pProperty> pProperties = new List<pProperty>();
   }
   [Serializable]
   public class mMethod
   {
       [XmlAttribute()] public string Name;
       [XmlAttribute()] public bool bIsAbstract;
       [XmlAttribute()] public bool bIsAssembly;
       [XmlAttribute()] public bool bIsConstructor;
       [XmlAttribute()] public bool bIsFamily;
       [XmlAttribute()] public bool bIsFinal;
       [XmlAttribute()] public bool bIsGenericMethod;
       [XmlAttribute()] public bool bIsGenericMethodDefinition;
       [XmlAttribute()] public bool bIsHideBySig;
       [XmlAttribute()] public bool bIsPrivate;
       [XmlAttribute()] public bool bIsPublic;
       [XmlAttribute()] public bool bIsSpecialName;
       [XmlAttribute()] public bool bIsStatic;
       [XmlAttribute()] public bool bIsVirtual;        
       public List<string> strCalls = new List<string>();
       public List<string> strUsedBy = new List<string>();
   }
   [Serializable]
   public class fField
   {
       [XmlAttribute()] public string Name;
   }
   [Serializable]
   public class pProperty
   {
       [XmlAttribute()] public string Name;
   }
}


Output Sample

The output is a serialized version of the populated AssemblyRawData object

<?xml version="1.0"?>
<AssemblyRawData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
 <aAssemblies>
   <aAssembly Name="AssemblyAnalyzer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null">
     <strAttributes>
       <string>System.Reflection.AssemblyConfigurationAttribute</string>
       <string>System.Reflection.AssemblyTitleAttribute</string>
       <string>System.Reflection.AssemblyCompanyAttribute</string>
       <string>System.Reflection.AssemblyFileVersionAttribute</string>
       <string>System.Reflection.AssemblyProductAttribute</string>
       <string>System.Diagnostics.DebuggableAttribute</string>
       <string>System.Runtime.CompilerServices.CompilationRelaxationsAttribute</string>
       <string>System.Runtime.CompilerServices.RuntimeCompatibilityAttribute</string>
       <string>System.Reflection.AssemblyDescriptionAttribute</string>
       <string>System.Runtime.InteropServices.GuidAttribute</string>
       <string>System.Runtime.InteropServices.ComVisibleAttribute</string>
       <string>System.Reflection.AssemblyTrademarkAttribute</string>
       <string>System.Reflection.AssemblyCopyrightAttribute</string>
     </strAttributes>
     <mModules>
       <mModule Name="AssemblyAnalyzer.exe">
         <FullyQualifiedName>F:\_Research\_MS session in Seattle\AssemblyAnalyzer\bin\AssemblyAnalyzer.exe</FullyQualifiedName>
         <tTypes>
           <tType FullName="Owasp.AssemblyAnalyzer.Properties.Resources" Name="Resources" Namespace="Owasp.AssemblyAnalyzer.Properties" bIsAbstract="false" bIsAnsiClass="true" bIsArray="false" bIsAutoClass="false" bIsAutoLayout="true" bIsByRef="false" bIsClass="true" bIsCOMObject="false" bIsContextful="false" bIsEnum="false" bIsExplicitLayout="false" bIsGenericParameter="false" bIsGenericType="false" bIsGenericTypeDefinition="false" bIsImport="false" bIsInterface="false" bIsLayoutSequential="false" bIsMarshalByRef="false" bIsNested="false" bIsNestedAssembly="false" bIsNestedFamily="false" bIsNestedPrivate="false" bIsNestedPublic="false" bIsNotPublic="true" bIsPointer="false" bIsPrimitive="false" bIsPublic="false" bIsSealed="false" bIsSerializable="false" bIsSpecialName="false" bIsUnicodeClass="false" bIsValueType="false" bIsVisible="false">
             <strTypeAttributes>AutoLayout, AnsiClass, Class, BeforeFieldInit</strTypeAttributes>
             <strAttributes>
               <string>System.Diagnostics.DebuggerNonUserCodeAttribute</string>
               <string>System.Runtime.CompilerServices.CompilerGeneratedAttribute</string>
               <string>System.CodeDom.Compiler.GeneratedCodeAttribute</string>
             </strAttributes>
             <mMethods>
               <mMethod Name="GetType" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="false">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="ToString" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="Equals" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="GetHashCode" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
             </mMethods>
             <fFields />
             <pProperties />
           </tType>
           <tType FullName="Owasp.AssemblyAnalyzer.utils.serialization" Name="serialization" Namespace="Owasp.AssemblyAnalyzer.utils" bIsAbstract="false" bIsAnsiClass="true" bIsArray="false" bIsAutoClass="false" bIsAutoLayout="true" bIsByRef="false" bIsClass="true" bIsCOMObject="false" bIsContextful="false" bIsEnum="false" bIsExplicitLayout="false" bIsGenericParameter="false" bIsGenericType="false" bIsGenericTypeDefinition="false" bIsImport="false" bIsInterface="false" bIsLayoutSequential="false" bIsMarshalByRef="false" bIsNested="false" bIsNestedAssembly="false" bIsNestedFamily="false" bIsNestedPrivate="false" bIsNestedPublic="false" bIsNotPublic="true" bIsPointer="false" bIsPrimitive="false" bIsPublic="false" bIsSealed="false" bIsSerializable="false" bIsSpecialName="false" bIsUnicodeClass="false" bIsValueType="false" bIsVisible="false">
             <strTypeAttributes>AutoLayout, AnsiClass, Class, BeforeFieldInit</strTypeAttributes>
             <strAttributes />
             <mMethods>
               <mMethod Name="returnStringOfSerializedObject" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="true" bIsVirtual="false">
                 <strCalls>
                   <string>System.Object.GetType</string>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.Object.GetType</string>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.IO.MemoryStream..ctor</string>
                   <string>System.Xml.Serialization.XmlSerializer.Serialize</string>
                   <string>System.IO.Stream.Flush</string>
                   <string>System.IO.Stream.set_Position</string>
                   <string>System.IO.Stream.get_Length</string>
                   <string>System.IO.Stream.get_Length</string>
                   <string>System.IO.Stream.Read</string>
                   <string>System.Text.Encoding.get_UTF8</string>
                   <string>System.Text.Encoding.GetString</string>
                 </strCalls>
                 <strUsedBy />
               </mMethod>
               <mMethod Name="returnDeSerializedObjectOfSerializedString" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="true" bIsVirtual="false">
                 <strCalls>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.Text.Encoding.get_UTF8</string>
                   <string>System.Text.Encoding.GetBytes</string>
                   <string>System.IO.MemoryStream..ctor</string>
                   <string>System.Xml.Serialization.XmlSerializer.Deserialize</string>
                 </strCalls>
                 <strUsedBy />
               </mMethod>