.NET Internals and Code Injection


Daniel Pistelli
05-09-2008, 04:31 AM
http://ntcore.com/Files/netint_injection.htm

The first article of the two is out. The next will be about .NET native compiling.

If you notice typos in the text, please do tell me. I'm a bit wasted; as you can see, it's a long article.

The content should be quite a new thing. I hope you enjoy the journey into the .NET internals from the perspective of a reverser.

Also the applications of this can be many.

evilcry
05-09-2008, 04:35 AM
What to say? =)

The first real big analysis of .NET Internals, full of starting points for other great ideas!

Big Work, big Congratz Daniel

JMI
05-09-2008, 05:58 AM
Very interesting and illuminating information, as usual, Daniel. Keep them coming.

Regards,

Daniel Pistelli
05-09-2008, 06:44 AM
Thanks evilcry and JMI. I'll do my best to continue writing useful things. I hope the next article will be even more useful.

Let's wait for rendari's comment on this. After all, the article contains his crackme among other things.

dELTA
05-09-2008, 07:58 AM
Extremely solid stuff Daniel, as usual.

rendari
05-09-2008, 08:38 AM
Haha, awesome

Admiral
05-09-2008, 12:00 PM
Tremendous.
It's reassuring to know that somebody so capable is paving the way for the inevitable future of .NET reversing.

Iwarez
05-09-2008, 12:46 PM
It's a very interesting read Daniel. As you requested to be notified of typos:

Quote:
And this is about all that code injectors ought to now to do their job.


And this is about all that code injectors ought to know to do their job.

Thanks for the read.

Daniel Pistelli
05-09-2008, 01:07 PM
Thanks dELTA and rendari. Many thanks Admiral! And many thanks also to Iwarez, I just fixed the typo!

GEEK
05-09-2008, 04:00 PM
Excellent fantastic
Great work Daniel

your article was really worth the curiosity generated.

GEEK

rendari
05-09-2008, 07:52 PM
Again, excellent work Daniel. Just reread the article a couple of times til I understood everything. I see you also noticed GetCLRFunction. I do believe that is one of the lamest/most useless functions I've ever seen.

Now that I see how you're "ejecting" my code, I have a bunch of ideas kicking around inside my head about how to thwart you. Now all I have to do is find the time to put those ideas down in code. I'll be sure to start on it as soon as I find the time.

Sab
05-10-2008, 12:04 AM
That was nice. I tend to steer away from .NET but I did think this was time well spent. Conclusion dead on. Thank you for the contribution, was fun, look forward to other ideas.

Daniel Pistelli
05-10-2008, 01:30 AM
Many thanks GEEK. I'm glad you weren't disappointed. Thanks Sab.

rendari: thanks. The getclrfunc is very lame indeed, but getrealproc wins in lameness, imho. If I was you, I'd wait for the next article before writing a new crackme. I'll show how to "native compile" and I think one can't go further in .NET protections (using a VM is the same procedure).

rendari
05-10-2008, 01:50 AM
Alright, waiting for it. Gonna be a lot of fun I suppose

soft123123
05-11-2008, 09:54 AM
The best paper I've ever read. Thanks Daniel

Daniel Pistelli
05-13-2008, 05:55 AM
Well, that's too much I might say. Anyway, I thank you for your appreciation. I'll do my best for the next article. I also apologize for the late reply, but my attention has been focused these days on other things not related to .NET. Anyway, in a few days I'm sure I can write the second part.