如何防止运行时MSIL注入? [英] How to prevent MSIL runtime injection?
问题描述
因为在这里看到纲领性MSIL注入或这里的 http://www.codeproject.com/Articles/463508/NET-CLR - 注射 - 修改 - IL-代码中的运行时你可以在运行时使用一些棘手的修改注射IL代码。
我的问题是:如何预防呢?举例来说,如果有人用它来绕过安全功能,我怎么能避免安全漏洞?
如何预防呢?
您不能,据我了解。但你可以做到让它不容易。
在简单的情况下,你甚至不需要注射IL。你可以做IL织修改装配。例如,你可以找到登录方法蚁删除原来的IL代码并简单地返回
真正,也可以跳转到自己的登录方法。公共布尔登录(用户名字符串)
{
//原始的方法做了安全检查
//并且返回是否属实授权用户
//您的实现可以返回true或跳转到其他方法
}
有关这一点,你必须要做到这一点,当应用程序没有运行,在修改程序集本身。你可以用
Mono.Cecil能做到做到这一点,你可以看看上的例如StaticProxy.Fody 。
另一种情况是代码注入到运行组件。这是要分两种情况:
- 当代码不jitted\\\
gen'd
- 在当前的代码是jitted\\\
gen'd
对于第一种情况是比较容易的,你还有的IL每个方法和你注入自己的IL指令。
第二种情况是比较复杂的,因为抖动重定向IL指针机器代码。
有关他们两个人你可以看到一堆articles\libraris,使进样的工作。
但是,即使你不过使它无法注入,你还是得不到保障。因为你可以修改字节本身。请参见详情这篇文章。
有关上述所有方法,有情况时,它更复杂的做的工作。例如,泛型,DynamicMethods,防止负载组件到你的进程(这是需要在某些情况下)。
要总结,你可以做到这一点非常难注入代码但无法阻止它。
As seen here Programmatic MSIL injection or here http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time you can modify IL code at runtime using some tricky injections.
My question is : how to prevent that? For instance, if someone use that to bypass a security feature, how can i avoid that security hole?
解决方案how to prevent that?
You can't, as far as I understand. But you can do make it not easy.
In the simple case, you don't even need to inject IL. You can do IL weaving to modify the assembly. For example, you can find the login method ant delete the original IL code and simply return
true, or you can jump to your own login method.public bool Login(string userName) { // original method did security checks // and return true if the user is authorized // your implementation can return true or jump to other method }For this you must to do it when the application is not running, you modifying the assembly itself. You can do it with
mono.ceciland you can look on StaticProxy.Fody for example.The other case is inject code to running assembly. and this is divide to two cases:
- When the code isn't jitted\ngen'd
- When the code is jitted\ngen'd
For the first case is more easy, You still have the IL of each method and you inject your own IL instructions.
The second case is more complex because the Jitter redirect the IL pointer to the machine code.
For two of them you can see a bunch of articles\libraris to make the inject work.
But even if you however make it impossible to inject, you still not protected. Because you can modify the bytes itself. See this article for details.
For all above method, there is cases when it more complex to do the work. For example, Generics, DynamicMethods, prevent load assemblies to your process (which is needed in some cases).
To summarize, you can do it very hardly to inject your code but not prevent it.
这篇关于如何防止运行时MSIL注入?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
