开发者

Hook on mscorlib (System.Security.Cryptography.CryptoStream) to log parameters

开发者 https://www.devze.com 2023-03-15 17:46 出处:网络
I want to log the parameters which are given to a CryptoStream object in an application, to log the plaintext before it is encrypted.

I want to log the parameters which are given to a CryptoStream object in an application, to log the plaintext before it is encrypted.

I want to do this dynamically, without tampering with the original file. Is there a way to create a "layer" between the app and the framework to interce开发者_如何学运维pt the desired function calls, write the desired parameter to a text file, and then pass control back to the framework?

If yes, could you point me in the right direction, and give a sample?

And for those who have legal concerns about this (this sounds like a s/w cracking question, I know ;) ) : I have the permission of the developer to do this.


I think you can do it either writing a specific debugger or a specific profiler. Here is a link to the CLR Managed Debugger (mdbg) Sample 4.0 and a link to the CLR Profiler for .NET Framework 4 (sources and binaries)


There are several ways to do this without tampling the original file: 1.Using the SSCLI, use clix.exe to start your application and set break points in CLR source code. 2.Using Windbg+SOS.dll and load the symbols from MS, set breakpoints before the method entry. 3.the third way is new in blackhat converence. modify the system.*.dll of MS. make it to MSIL and add some IL in the Crypto method. and build it back to dll and make the application use it.

0

精彩评论

暂无评论...
验证码 换一张
取 消