This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

.Net Code Sample - Reflecting assembly with missing dependency

From OWASP
Jump to: navigation, search

The code below aims to answer the question: Are you able to Reflect an assembly with missing dependencies?

I.e. an assembly that you cannot execute and if given the source code, cannot compile


AssemblyA.dll

using System;
using System.Collections.Generic;
using System.Text;
namespace Owasp.Net.test
{
  public class AssemblyA
  { 
}

AssemblyB.dll

using System;
using System.Collections.Generic;
using System.Text;
using Owasp.Net.test; 
namespace Owasp.Net.test
{
  class Program
  {
    static void Main(string[] args)
    {
      Console.WriteLine(Owasp.Net.test.AssemblyA.AssemblyAMethod());
    }
  }
}


FileReflector.exe

using System;
using System.Collections.Generic;
using System.Text;
using System.Reflection;
using System.IO;
namespace FileReflector
{
 class Program
 {
   static void Main(string[] args)
   {
     if (args.Length == 0)
       Console.WriteLine("You must enter a file to analyse");
     else
     {
       string strPathToFileToAnalyse = Path.Combine(Environment.CurrentDirectory, args[0].ToString());        
       Assembly aAssemblyToAnalyze = Assembly.ReflectionOnlyLoadFrom(strPathToFileToAnalyse);
       foreach (Module mModule in aAssemblyToAnalyze.GetModules())
       {
         Console.WriteLine("\n Module: {0}", mModule.Name);
         foreach (Type tType in mModule.GetTypes())
         {
           Console.WriteLine("\t Class: {0}", tType.Name);
           foreach (MethodInfo mMethod in tType.GetMethods())
           {
             Console.WriteLine("\t\t Method: {0}", mMethod.Name);
           }
         }
       }
     }                       
   }
 }
}

Executing AssemblyB.exe with AssemblyA.dll in the same Directory:

This is a String from Assembly A


Executing AssemblyB.exe with AssemblyA.dll DELETED From same Directory:

Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly 'AssemblyA, Version=1.0.0.0, Cultu
re=neutral, PublicKeyToken=null' or one of its dependencies. The system cannot find the file specified.
File name: 'AssemblyA, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null'
  at Owasp.Net.test.Program.Main(String[] args)


Execution "FileReflector.exe AssemblyB.exe" with AssemblyA.dll DELETED From same Directory:

FileReflector.exe AssemblyB.exe 

Module: AssemblyB.exe
    Class: Program
        Method: GetType
        Method: ToString
        Method: Equals
        Method: GetHashCode


For reference: Execution "FileReflector.exe AssemblyB.exe" on AssemblyA.dll

FileReflector.exe AssemblyA.exe 

Module: AssemblyA.exe
    Class: Program
        Method: GetType
        Method: ToString
        Method: Equals
        Method: GetHashCode
    Class: AssemblyA
        Method: AssemblyAMethod
        Method: GetType
        Method: ToString
        Method: Equals
        Method: GetHashCode
Retrieved from "https://wiki.owasp.org/index.php?title=.Net_Code_Sample_-_Reflecting_assembly_with_missing_dependency&oldid=189817"