This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of ".Net Assembly Analyzer"

From OWASP
Jump to: navigation, search
(Download)
Line 3: Line 3:
 
== Download ==
 
== Download ==
  
You can download the current version from here [[Image:AssemblyAnalyzer v0.2.zip.ppt AssemblyAnalyzer v0.2.zip.ppt]] (remove the .ppt to unzip)
+
You can download the current version from here [[Media:AssemblyAnalyzer_v0.2.zip.ppt|AssemblyAnalyzer v0.2.zip.ppt]] (remove the .ppt to unzip)
  
 
== Info ==
 
== Info ==

Revision as of 06:37, 28 July 2006

.Net Assembly Analyzer is a tool that uses reflection to analyze .Net (i.e. MSIL) code.

Download

You can download the current version from here AssemblyAnalyzer v0.2.zip.ppt (remove the .ppt to unzip)

Info

The current version takes an assembly and creates an XML file containg the following information 

namespace Owasp.AssemblyAnalyzer
{
   [Serializable]
   public class AssemblyRawData
   {        
       public List<aAssembly> aAssemblies = new List<aAssembly>();
   }
   [Serializable]
   public class aAssembly
   {
       [XmlAttribute()] public string Name = "";
       public List<String> strAttributes = new List<String>();
       public List<mModule> mModules = new List<mModule>();
   }
   [Serializable]
   public class mModule
   {
       [XmlAttribute()] public string Name;
       public string FullyQualifiedName;
       public List<tType> tTypes = new List<tType>();
   }
   [Serializable]
   public class tType
   {
       [XmlAttribute()] public string FullName;  
       [XmlAttribute()] public string Name;
       [XmlAttribute()] public string Namespace;        
       [XmlAttribute()] public bool bIsAbstract;
       [XmlAttribute()] public bool bIsAnsiClass;
       [XmlAttribute()] public bool bIsArray;
       [XmlAttribute()] public bool bIsAutoClass;
       [XmlAttribute()] public bool bIsAutoLayout;
       [XmlAttribute()] public bool bIsByRef;
       [XmlAttribute()] public bool bIsClass;
       [XmlAttribute()] public bool bIsCOMObject;
       [XmlAttribute()] public bool bIsContextful;
       [XmlAttribute()] public bool bIsEnum;
       [XmlAttribute()] public bool bIsExplicitLayout;
       [XmlAttribute()] public bool bIsGenericParameter;
       [XmlAttribute()] public bool bIsGenericType;
       [XmlAttribute()] public bool bIsGenericTypeDefinition;
       [XmlAttribute()] public bool bIsImport;
       [XmlAttribute()] public bool bIsInterface;
       [XmlAttribute()] public bool bIsLayoutSequential;
       [XmlAttribute()] public bool bIsMarshalByRef;
       [XmlAttribute()] public bool bIsNested;
       [XmlAttribute()] public bool bIsNestedAssembly;
       [XmlAttribute()] public bool bIsNestedFamily;
       [XmlAttribute()] public bool bIsNestedPrivate;
       [XmlAttribute()] public bool bIsNestedPublic;
       [XmlAttribute()] public bool bIsNotPublic;
       [XmlAttribute()] public bool bIsPointer;
       [XmlAttribute()] public bool bIsPrimitive;
       [XmlAttribute()] public bool bIsPublic;
       [XmlAttribute()] public bool bIsSealed;
       [XmlAttribute()] public bool bIsSerializable;
       [XmlAttribute()] public bool bIsSpecialName;
       [XmlAttribute()] public bool bIsUnicodeClass;
       [XmlAttribute()] public bool bIsValueType;
       [XmlAttribute()] public bool bIsVisible;
       public string strTypeAttributes;
       public List<String> strAttributes = new List<String>();
       public List<mMethod> mMethods = new List<mMethod>();
       public List<fField> fFields = new List<fField>();
       public List<pProperty> pProperties = new List<pProperty>();
   }
   [Serializable]
   public class mMethod
   {
       [XmlAttribute()] public string Name;
       [XmlAttribute()] public bool bIsAbstract;
       [XmlAttribute()] public bool bIsAssembly;
       [XmlAttribute()] public bool bIsConstructor;
       [XmlAttribute()] public bool bIsFamily;
       [XmlAttribute()] public bool bIsFinal;
       [XmlAttribute()] public bool bIsGenericMethod;
       [XmlAttribute()] public bool bIsGenericMethodDefinition;
       [XmlAttribute()] public bool bIsHideBySig;
       [XmlAttribute()] public bool bIsPrivate;
       [XmlAttribute()] public bool bIsPublic;
       [XmlAttribute()] public bool bIsSpecialName;
       [XmlAttribute()] public bool bIsStatic;
       [XmlAttribute()] public bool bIsVirtual;        
       public List<string> strCalls = new List<string>();
       public List<string> strUsedBy = new List<string>();
   }
   [Serializable]
   public class fField
   {
       [XmlAttribute()] public string Name;
   }
   [Serializable]
   public class pProperty
   {
       [XmlAttribute()] public string Name;
   }
}


Output Sample

The output is a serialized version of the populated AssemblyRawData object 

<?xml version="1.0"?>
<AssemblyRawData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
 <aAssemblies>
   <aAssembly Name="AssemblyAnalyzer, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null">
     <strAttributes>
       <string>System.Reflection.AssemblyConfigurationAttribute</string>
       <string>System.Reflection.AssemblyTitleAttribute</string>
       <string>System.Reflection.AssemblyCompanyAttribute</string>
       <string>System.Reflection.AssemblyFileVersionAttribute</string>
       <string>System.Reflection.AssemblyProductAttribute</string>
       <string>System.Diagnostics.DebuggableAttribute</string>
       <string>System.Runtime.CompilerServices.CompilationRelaxationsAttribute</string>
       <string>System.Runtime.CompilerServices.RuntimeCompatibilityAttribute</string>
       <string>System.Reflection.AssemblyDescriptionAttribute</string>
       <string>System.Runtime.InteropServices.GuidAttribute</string>
       <string>System.Runtime.InteropServices.ComVisibleAttribute</string>
       <string>System.Reflection.AssemblyTrademarkAttribute</string>
       <string>System.Reflection.AssemblyCopyrightAttribute</string>
     </strAttributes>
     <mModules>
       <mModule Name="AssemblyAnalyzer.exe">
         <FullyQualifiedName>F:\_Research\_MS session in Seattle\AssemblyAnalyzer\bin\AssemblyAnalyzer.exe</FullyQualifiedName>
         <tTypes>
           <tType FullName="Owasp.AssemblyAnalyzer.Properties.Resources" Name="Resources" Namespace="Owasp.AssemblyAnalyzer.Properties" bIsAbstract="false" bIsAnsiClass="true" bIsArray="false" bIsAutoClass="false" bIsAutoLayout="true" bIsByRef="false" bIsClass="true" bIsCOMObject="false" bIsContextful="false" bIsEnum="false" bIsExplicitLayout="false" bIsGenericParameter="false" bIsGenericType="false" bIsGenericTypeDefinition="false" bIsImport="false" bIsInterface="false" bIsLayoutSequential="false" bIsMarshalByRef="false" bIsNested="false" bIsNestedAssembly="false" bIsNestedFamily="false" bIsNestedPrivate="false" bIsNestedPublic="false" bIsNotPublic="true" bIsPointer="false" bIsPrimitive="false" bIsPublic="false" bIsSealed="false" bIsSerializable="false" bIsSpecialName="false" bIsUnicodeClass="false" bIsValueType="false" bIsVisible="false">
             <strTypeAttributes>AutoLayout, AnsiClass, Class, BeforeFieldInit</strTypeAttributes>
             <strAttributes>
               <string>System.Diagnostics.DebuggerNonUserCodeAttribute</string>
               <string>System.Runtime.CompilerServices.CompilerGeneratedAttribute</string>
               <string>System.CodeDom.Compiler.GeneratedCodeAttribute</string>
             </strAttributes>
             <mMethods>
               <mMethod Name="GetType" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="false">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="ToString" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="Equals" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
               <mMethod Name="GetHashCode" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="false" bIsVirtual="true">
                 <strCalls />
                 <strUsedBy />
               </mMethod>
             </mMethods>
             <fFields />
             <pProperties />
           </tType>
           <tType FullName="Owasp.AssemblyAnalyzer.utils.serialization" Name="serialization" Namespace="Owasp.AssemblyAnalyzer.utils" bIsAbstract="false" bIsAnsiClass="true" bIsArray="false" bIsAutoClass="false" bIsAutoLayout="true" bIsByRef="false" bIsClass="true" bIsCOMObject="false" bIsContextful="false" bIsEnum="false" bIsExplicitLayout="false" bIsGenericParameter="false" bIsGenericType="false" bIsGenericTypeDefinition="false" bIsImport="false" bIsInterface="false" bIsLayoutSequential="false" bIsMarshalByRef="false" bIsNested="false" bIsNestedAssembly="false" bIsNestedFamily="false" bIsNestedPrivate="false" bIsNestedPublic="false" bIsNotPublic="true" bIsPointer="false" bIsPrimitive="false" bIsPublic="false" bIsSealed="false" bIsSerializable="false" bIsSpecialName="false" bIsUnicodeClass="false" bIsValueType="false" bIsVisible="false">
             <strTypeAttributes>AutoLayout, AnsiClass, Class, BeforeFieldInit</strTypeAttributes>
             <strAttributes />
             <mMethods>
               <mMethod Name="returnStringOfSerializedObject" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="true" bIsVirtual="false">
                 <strCalls>
                   <string>System.Object.GetType</string>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.Object.GetType</string>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.IO.MemoryStream..ctor</string>
                   <string>System.Xml.Serialization.XmlSerializer.Serialize</string>
                   <string>System.IO.Stream.Flush</string>
                   <string>System.IO.Stream.set_Position</string>
                   <string>System.IO.Stream.get_Length</string>
                   <string>System.IO.Stream.get_Length</string>
                   <string>System.IO.Stream.Read</string>
                   <string>System.Text.Encoding.get_UTF8</string>
                   <string>System.Text.Encoding.GetString</string>
                 </strCalls>
                 <strUsedBy />
               </mMethod>
               <mMethod Name="returnDeSerializedObjectOfSerializedString" bIsAbstract="false" bIsAssembly="false" bIsConstructor="false" bIsFamily="false" bIsFinal="false" bIsGenericMethod="false" bIsGenericMethodDefinition="false" bIsHideBySig="true" bIsPrivate="false" bIsPublic="true" bIsSpecialName="false" bIsStatic="true" bIsVirtual="false">
                 <strCalls>
                   <string>System.Xml.Serialization.XmlSerializer..ctor</string>
                   <string>System.Text.Encoding.get_UTF8</string>
                   <string>System.Text.Encoding.GetBytes</string>
                   <string>System.IO.MemoryStream..ctor</string>
                   <string>System.Xml.Serialization.XmlSerializer.Deserialize</string>
                 </strCalls>
                 <strUsedBy />
               </mMethod>
Retrieved from "https://wiki.owasp.org/index.php?title=.Net_Assembly_Analyzer&oldid=8318"