Date post: | 31-Dec-2015 |
Category: |
Documents |
Upload: | cora-mccormick |
View: | 212 times |
Download: | 0 times |
Attacking .NET Application at Runtime
An Object Level Attack
Jon McCoyDigitalbodyGuard.com
This presentation will cover.
•How to evaluate Closed-Source .NET applications
•Tools to gain access to running apps
•Show how incredibly vulnerable .NET applications are
•Soft Spots on Programs to Attack
Tools overview
•Tools to do reconnaissance, on the structure of .NET programs
•Payloads to deploy inside of target apps
•Beta - Decompilation Tool targeted at .NET Applications protected by wrappers/shells
What is the attack?
Gain access to a target application Access the Object structure
Target/Evaluate GUI/Logic/State
•Subvert core logic
•Instantiate new Features/State
What is a .NET Process
Gain access to a target application
Access the Object structure
Find the GUI/Logic/State
•Subvert core logic
•Instantiate new Features/State
Another Idea of Runtime in .NET
What is the attack?
1. Accessing Running .NET Program
2. Run Payload
2. Access targets Object structure
3. Modify values and/or Objects
A Runtime Application
Demo Connecting
Demo Connection To Running .NET app
Connect to the target application
•Inject Code
•Infect the target's code
• Infect the Framework
And Exploit
Demo: Connection
Injection
&
Exploit
What is going on
End to END
Demo: Visual Studio
Attacking from one line of
code
Moving in a Live Applocation
More about Moving
Demo: Power Shell
Attacking from the Keyboard
A Hacked Runtime Application
Demo: Other Ways In
TBD
Why is this better
Thanks To The
Related Works of
James Devlinwww.codingthewheel.com
Sorin Serbanwww.sorin.serbans.net/blog
Erez Metula www.appsec.co.il
More information at:
FIN < NULL
http://www.DigitalbodyGuard.com
More information at:
FIN > NULL
http://www.DigitalbodyGuard.com
More information at:
FIN < NULL
http://www.DigitalbodyGuard.com
Some stuff to check out
Erez Metula
BOOK: Managed Code Rootkitshttp://www.amazon.com/Managed-Code-Rootkits-Hooking-Environments/dp/
1597495743/ref=sr_1_1?ie=UTF8&s=books&qid=1275638178&sr=1-1
at his website:
http://www.appsec.co.il/
License
This Presentation and tool are licensed under
Creative Commons
Attribution-NonCommercial-ShareAlike 3.0