logging in or signing up Disassembling ForFun Sharck Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 325 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: June 19, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Disassembling for Fun: Disassembling for Fun Jason Haley Who is this guy?: Who is this guy? Certifiable (MCSD.net certified that is) Blog – http://jasonhaley.com/blog Co-leader of Beantown .Net User Group Member of Boston Area Code Brew A nerd dinner organizer for Boston area Sr. Software Engineer - Cheshire Software Disassembling is useful: Disassembling is useful See how efficient a compiler is Translate IL to a higher level language View all pieces of an assembly Extract resources Edit source code to recompile Example of disassembling: Example of disassembling What is Round-tripping? Demos: ILDasm, Reflector Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler What is disassembling?: What is disassembling? Disassembling is not reflection Demos: WinCV, Asmex Disassemble or decompile Demos: ILDasm, Reflector Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler What is in an assembly file?: What is in an assembly file? PE/COFF File CLR Header Metadata IL code PE File: PE File Portable Executable File Format PE/COFF headers Data directories Sections Demos: Dumpbin, .Net Explorer CLR Header: CLR Header Contains CLR specific information 'Required runtime' version Metadata location Managed resources location Strong name signature location Demo: .Net Explorer Metadata: Metadata Assembly metadata Metadata header Metadata streams (tables and heaps) Demos: Monodis, Asmex IL Code: IL Code Recognizing the pieces Metadata table contents Metadata heap contents IL code Demos: ILDasm, Spices.Net, Dis# Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler Writing a disassembler: Writing a disassembler PE/COFF File CLR Header Metadata IL Code PE File: PE File Finding the PE header Signatures (MS-DOS, PE) Necessary structures Demos: Vijay CLR Header: CLR Header Finding the CLR Header Need information from PE Header Calculate the offset in file Demos: Vijay Metadata: Metadata Tables are a 'normalized database' Heaps String – zero-terminated character GUID – 16 byte binary objects Blob – binary object, preceded by its length Manifest Demos: metainfo, Vijay IL Code: IL Code Getting to the IL code Signatures RVA Method format (tiny or fat) Method data section Exception handling clause (small or fat) Demos: Dile, Vijay Summary: Summary What is disassembling? What is a disassembler and what can it do for you? What are some of the things you need to know to write your own disassembler? Why do you care? Resources: Resources Inside Microsoft .Net IL Assembler – Serge Lidin Standard ECMA-335 – CLI – http://ecma-international.org/publications/standards/Ecma-335.htm Metadata diagram - Chris King .Net SDK (especially ILDasm) Questions: Questions ? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Disassembling ForFun Sharck Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 325 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: June 19, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close By: xiucai (53 month(s) ago) Hi, where is the "metadata diagram" by Chris? And could you sent it to me? Thank you very much! my email: linghuchong168@163.com Saving..... Post Reply Close Saving..... Edit Comment Close Premium member Presentation Transcript Disassembling for Fun: Disassembling for Fun Jason Haley Who is this guy?: Who is this guy? Certifiable (MCSD.net certified that is) Blog – http://jasonhaley.com/blog Co-leader of Beantown .Net User Group Member of Boston Area Code Brew A nerd dinner organizer for Boston area Sr. Software Engineer - Cheshire Software Disassembling is useful: Disassembling is useful See how efficient a compiler is Translate IL to a higher level language View all pieces of an assembly Extract resources Edit source code to recompile Example of disassembling: Example of disassembling What is Round-tripping? Demos: ILDasm, Reflector Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler What is disassembling?: What is disassembling? Disassembling is not reflection Demos: WinCV, Asmex Disassemble or decompile Demos: ILDasm, Reflector Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler What is in an assembly file?: What is in an assembly file? PE/COFF File CLR Header Metadata IL code PE File: PE File Portable Executable File Format PE/COFF headers Data directories Sections Demos: Dumpbin, .Net Explorer CLR Header: CLR Header Contains CLR specific information 'Required runtime' version Metadata location Managed resources location Strong name signature location Demo: .Net Explorer Metadata: Metadata Assembly metadata Metadata header Metadata streams (tables and heaps) Demos: Monodis, Asmex IL Code: IL Code Recognizing the pieces Metadata table contents Metadata heap contents IL code Demos: ILDasm, Spices.Net, Dis# Agenda: Agenda Define disassembling Applied disassembling Writing a disassembler Writing a disassembler: Writing a disassembler PE/COFF File CLR Header Metadata IL Code PE File: PE File Finding the PE header Signatures (MS-DOS, PE) Necessary structures Demos: Vijay CLR Header: CLR Header Finding the CLR Header Need information from PE Header Calculate the offset in file Demos: Vijay Metadata: Metadata Tables are a 'normalized database' Heaps String – zero-terminated character GUID – 16 byte binary objects Blob – binary object, preceded by its length Manifest Demos: metainfo, Vijay IL Code: IL Code Getting to the IL code Signatures RVA Method format (tiny or fat) Method data section Exception handling clause (small or fat) Demos: Dile, Vijay Summary: Summary What is disassembling? What is a disassembler and what can it do for you? What are some of the things you need to know to write your own disassembler? Why do you care? Resources: Resources Inside Microsoft .Net IL Assembler – Serge Lidin Standard ECMA-335 – CLI – http://ecma-international.org/publications/standards/Ecma-335.htm Metadata diagram - Chris King .Net SDK (especially ILDasm) Questions: Questions ?