crassy
December 17th, 2008, 04:55
So I had this DLL that I needed to edit a few bytes in. It was strong-named, so at first I went for just editing the bytes and registering it for verification skipping (sn -Vr). No luck there; the EXE using it throws an exception.
Fair enough, I then tried the old trick of setting the strong name sig length to 00 - didn't work either, another type of exception this time. Damn it!
So at last I disassembled it using ildasm, edited the offending code part out and ilasmed it back. And look, the app started! No exceptions or anything, the damn assembly has clearly been tampered with and still it runs!
Now I kinda like the idea of editing the binary directly without going through the whole stupid ildasm/ilasm process; it makes patching so much easier. So can someone point me to the answer - why would disasm/asm work but direct editing fail?
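The two header fields the post is poking at (the STRONGNAMESIGNED flag and the StrongNameSignature directory in the CLR header) can be read and edited without ildasm. The script below is an added example by the editor, not code from the original thread; it walks the PE headers with the standard library, reports what the loader sees, and can reproduce the header edit the post describes. The constants come from winnt.h / ECMA-335 (IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14, COMIMAGE_FLAGS_STRONGNAMESIGNED = 0x8, Flags at offset 16 and StrongNameSignature at offset 32 of IMAGE_COR20_HEADER). The sample image it builds is a constructed PE skeleton with a CLR header and a dummy 128-byte signature blob, not a real assembly, so the script runs offline; point it at a real DLL with the command-line path.

```python
"""Inspect, and optionally clear, the strong-name fields of a .NET image's
CLR header.  Added example by the editor; not from the original post.
The PE skeleton built by build_minimal_clr_image() is constructed test data."""
import struct
import sys

COMIMAGE_FLAGS_STRONGNAMESIGNED = 0x00000008   # IMAGE_COR20_HEADER.Flags bit
CLR_DATA_DIRECTORY_INDEX = 14                  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
COR20_FLAGS_OFFSET = 16                        # offsets inside IMAGE_COR20_HEADER
COR20_STRONGNAME_OFFSET = 32                   # StrongNameSignature RVA, then Size


def _rva_to_offset(rva, sections):
    """Map an RVA to a file offset using the section table."""
    for va, vsize, raw_ptr, raw_size in sections:
        if va <= rva < va + max(vsize, raw_size):
            return raw_ptr + (rva - va)
    raise ValueError("RVA 0x%x is not mapped by any section" % rva)


def locate_clr_header(data):
    """Return (file offset of IMAGE_COR20_HEADER, section list) for a PE32/PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file (missing MZ)")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + (96 if magic == 0x10B else 112)        # PE32 vs PE32+ data directories
    clr_rva, _clr_size = struct.unpack_from("<II", data, dirs + CLR_DATA_DIRECTORY_INDEX * 8)
    if clr_rva == 0:
        raise ValueError("no CLR header: not a managed image")
    sections = []
    sect = opt + opt_size
    for i in range(num_sections):
        vsize, va, raw_size, raw_ptr = struct.unpack_from("<IIII", data, sect + i * 40 + 8)
        sections.append((va, vsize, raw_ptr, raw_size))
    return _rva_to_offset(clr_rva, sections), sections


def strong_name_info(data):
    """Report the flag and signature directory the CLR loader checks."""
    clr_off, sections = locate_clr_header(data)
    flags = struct.unpack_from("<I", data, clr_off + COR20_FLAGS_OFFSET)[0]
    sig_rva, sig_size = struct.unpack_from("<II", data, clr_off + COR20_STRONGNAME_OFFSET)
    return {
        "flag_set": bool(flags & COMIMAGE_FLAGS_STRONGNAMESIGNED),
        "sig_rva": sig_rva,
        "sig_size": sig_size,
        "sig_offset": _rva_to_offset(sig_rva, sections) if sig_rva else None,
    }


def clear_strong_name(data):
    """Header-only edit: clear STRONGNAMESIGNED and zero the signature directory.
    (The post's variant zeroed only the size.)  Returns a new bytes object; the
    public key in the metadata Assembly table, and so the identity, is untouched."""
    buf = bytearray(data)
    clr_off, _ = locate_clr_header(buf)
    flags = struct.unpack_from("<I", buf, clr_off + COR20_FLAGS_OFFSET)[0]
    struct.pack_into("<I", buf, clr_off + COR20_FLAGS_OFFSET, flags & ~COMIMAGE_FLAGS_STRONGNAMESIGNED)
    struct.pack_into("<II", buf, clr_off + COR20_STRONGNAME_OFFSET, 0, 0)
    return bytes(buf)


def build_minimal_clr_image(signed=True):
    """Constructed test data: a PE32 skeleton with one section holding a CLR
    header followed by a dummy 128-byte (RSA-1024 sized) signature blob."""
    file_align, sect_va, raw_ptr, sig_size = 0x200, 0x2000, 0x200, 128
    flags = COMIMAGE_FLAGS_STRONGNAMESIGNED if signed else 0
    sig_rva = sect_va + 72 if signed else 0
    clr = struct.pack("<IHH" + "I" * 16, 72, 2, 5,
                      0, 0,                              # MetaData RVA/Size (none here)
                      flags, 0,                          # Flags, EntryPointToken
                      0, 0,                              # Resources
                      sig_rva, sig_size if signed else 0,  # StrongNameSignature
                      0, 0, 0, 0, 0, 0, 0, 0)            # remaining directories
    body = clr + b"\xAA" * sig_size
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)     # e_lfanew -> NT headers at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                # PE32 magic
    struct.pack_into("<II", opt, 32, 0x1000, file_align) # Section/File alignment
    struct.pack_into("<I", opt, 92, 16)                  # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + CLR_DATA_DIRECTORY_INDEX * 8, sect_va, 72)
    sect = b".text\0\0\0" + struct.pack("<IIII", len(body), sect_va, file_align, raw_ptr) + b"\0" * 16
    headers = dos + b"PE\0\0" + coff + bytes(opt) + sect
    return headers.ljust(raw_ptr, b"\0") + body.ljust(file_align, b"\0")


if __name__ == "__main__":
    image = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_clr_image()
    info = strong_name_info(image)
    print("STRONGNAMESIGNED flag:", info["flag_set"])
    print("signature RVA 0x%x size %d file offset %s" % (info["sig_rva"], info["sig_size"], info["sig_offset"]))
```

Run it against the DLL before and after a byte patch to confirm the flag and signature directory still say "signed"; as long as the flag is set the loader expects the blob to verify, and sn -Vr only exempts the identity (name plus public key token) it was registered for. Note the caveat in clear_strong_name: a header-only edit does not remove the public key from the metadata, so the assembly still presents itself as strong-named to anything that reads the Assembly table and to every referencing assembly that carries its public key token.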