验证 .NET Framework 程序集 [英] Validating .NET Framework Assemblies
问题描述
我刚刚浏览了我们的德国 VB.NET 论坛 有一些有趣的事情让我有点头疼.
I just went through our german VB.NET forums and there was something interesting that gives me some kind of headache.
实际上可以使用 ReflexIL 或其他一些 IL 编辑器编辑 .NET Framework 程序集.您唯一需要绕过的是程序集的强名称签名.更改程序集 IL 后,您必须运行 sn.exe -Vr [assemblyname] 以跳过强名称验证.之后,您必须清除缓存的本机图像.只需通过 C:Windowsassembly 目录并删除与您的程序集相关的每个图像.然后重启.登录后,运行 ngen install [assemblyname].现在生成新原生图像.
It is actually possible to edit the .NET Framework assemblies using ReflexIL or some other IL editor. The only thing you have to bypass is the Strong Name signature of the assembly. After changing the assembly IL, you have to run sn.exe -Vr [assemblyname] to kinda skip the strong name validation. After that you have to clear the cached native images. Just go through the C:Windowsassembly directory and delete every image related to your assembly. Then reboot. When you are logged in, run ngen install [assemblyname]. Now the new native images are generated.
这有效.我在我的虚拟环境 (Windows XP x86) 中验证了这个过程.现在最让我担心的是您可以轻松绕过 .NET VerifyHash 或 RSACryptoServiceProvider 的 VerifyData 方法.这实际上也有效.我和我的一个朋友测试可以验证这个问题(查看屏幕截图).那相当容易.
This works. I verified this procedure in my virtual environment (Windows XP x86). Now the thing that worries me the most is that you can easily bypass the .NET VerifyHash or VerifyData methods of the RSACryptoServiceProvider. This actually works, too. A friend of mine and me tested could verify this issue (see screenshots). That was fairly easy.
例如,如果我要创建一个基于 .NET Framework 加密类的许可系统,它可以被绕过系统范围,用于每个 .NET 应用程序系统使用框架.此外,每个人都可以记录和更改我调用的函数的输入,只需挂入方法即可.
For example, if I'd create a licensing system built on the .NET Framework cryptography classes, it could be bypassed system-wide for every .NET application on the system using the framework. Also, everybody can log and change the input of functios that I call just by hooking into the methods.
现在我的问题是:既然这可能是一个大问题,我该怎么做呢?当然,恶意用户可以只编辑我的 应用程序,但这不会像在系统范围内进行此操作那么糟糕.我正在考虑一些框架校验和验证,但由于 .NET 框架有很多不同的更新,这似乎是不可能的.
Now my question is: Since this can be a huge problem, how can I do something about that? Of course a malicious user could just edit my application, but that would not be as bad as doing this system-wide. I was thinking about some framework checksum validation, but since there are alot of different updates for the .NET Framework, this seems to be impossible.
任何解决方案或建议?微软是否以某种方式解决了这个问题?
Any solutions or suggestions? Does Microsoft take care of this problem in some way?
推荐答案
如果攻击者对您的计算机具有管理员访问权限(这是您描述的攻击所必需的),那么您几乎已经输了.您可以做的任何事情都可能被攻击者规避.
If an attacker has admin access to your computer (which is required for the attack you described), then you've pretty much lost. Anything you could do could be circumvented by the attacker.
因此,我认为试图防御这种类型的攻击是完全没有意义的.如果您必须处理不受信任的、可能受到威胁的计算机,那么您就不能相信它们会做任何敏感的事情,而您必须在自己的服务器上或类似的事情上做.
Because of that, I think it is completely pointless trying to defend against this type of attack. If you have to deal with untrusted, potentially compromised computers, then you simply can't trust them to do anything sensitive and you have to do it on your own server, or something like that.
这篇关于验证 .NET Framework 程序集的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
