DOCSLIB.ORG

Advanced Programming

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Advanced Programming 301AA - Advanced Programming Lecturer: Andrea Corradini [email protected] http://pages.di.unipi.it/corradini/ AP-10: Components: the Microsoft way Overview • The Microsoft approach to components • DDE, OLE, COM, ActiveX, … • The .NET framework • Common Language Runtime • .NET components • Composition by aggregation and containment • Communication by Events and Delegates Chapter 15, sections 15.1, 15.2, 15.4, 15.11, and 15.12 of Component Software: Beyond Object-Oriented Programming. C. Szyperski, D. Gruntz, S. Murer, Addison- Wesley, 2002. 2 Distributed Component Technologies The goal: - Integration of services for applications on various platforms - Interoperability: let disparate systems communicate and share data seamlessly Approaches: - Microsoft: DDE, COM, OLE, OCX, DCOM and ActiveX - Sun: JavaBeans, Enterprise JavaBeans, J2EE - CORBA (Common Object Request Broker Architecture) - Mozilla: XPCOM (Gecko functionality as components) - SOAP (using XML) 3 The Microsoft Approach • Continuous re-engineering of existing applications • Component technology introduced gradually taking advantage of previous success, like – Visual Basic controls – Object linking and embedding (OLE) – Active X, ASP • Solutions mainly adopted on MS platforms • Review from older approaches to .NET + CLR 4 COM: Component Object Model • Underlying most MS component technologies (before .NET) • Made available on other platforms, but with little success • COM does not prescribe language, structure or implementation of an application • COM only specifies an object model and programming requirements that enable COM components to interact • COM is a binary standard for interfaces • Only requirement: code is generated in a language that can create structures of pointers and, either explicitly or implicitly, call functions through pointers. • Immediate for some languages (C++, SmallTalk) but possible for many others (C, Java, VBscript,…) 5 8557 Chapter 15 p329-380 8/10/02 12:24 pm Page 331 COMThe first fundamental interfaces wiring model – COM and components331 Client Interface • A COM interface is a pointer to an variable node Op 1 interface node, which is a pointer Op 2 to a table of function pointers (also called vtable) • Note the double indirection Component Op n Figure 15.1 Binary representation• Invocation of a COM specification interface. : when an operation (method) of the interface is invoked, a pointer to the interface itself is passed as the calling convention,additional which is argument the specification (like self of whator this exactly) is passed when calling an operation– The from pointer an interface. can be used to access instance variables Methods of an• objectCOM have component one additionalmay implementparameter – anythe objectnumber they of interfaces. belong to. This parameter is sometimes called self or this. Its declaration is hidden in most object-oriented• The entire languages,implementation but a few, can including be a defined Component in a single class, but it Pascal, make it explicit.does The not point have is thatto be. the interface pointer is passed as a self-parameter to •anyA of component the interface’s can operations. contain This many allows objects operations of different in a classes that COM interface to exhibitcollectively true object provide characteristics. the implementation In particular, the ofinterface the interfaces provided node can be used to byrefer the internally component. to instance variables. It is even possible to attach instance variables directly to the interface node, but this is not normally done. It is, however, quite common to store pointers that simplify the lookup 6 of instance variables and the location of other interfaces. A COM component is free to contain implementations for any number of interfaces. The entire implementation can be a single class, but it does not have to be. A component can just as well contain many classes that are used to instantiate objects of just as many different kinds. These objects then collec- tively provide the implementation of the interfaces provided by the component. Figure 15.2 shows a component that provides three different interfaces and uses two different objects to implement these. In Figure 15.2, object 1 implements interfaces A and B, whereas object 2 implements interface C. The dashed pointers between the interface nodes are used internally as it must be possible to get from each node to every other node. The unusual layout of objects and vtables is just what COM prescribes if such an n-to-m relationship between objects and interfaces is desired. However, without proper language support, it is not likely that many compo- nents will take such a complex shape. What is important, though, is that there is no single object part that ever leaves the component and represents the entire COM object. A COM component is not necessarily a traditional class and a COM object is not necessarily a traditional single-bodied object. However, a COM object can be such a traditional object and all of its inter- faces can be implemented in a single class by using multiple inheritance (Rogerson, 1997). There are two important questions to be answered at this point. How does a client learn about other interfaces and how does a client compare the identity 8557 Chapter 15 p329-380 8/10/02 12:24 pm Page 332 A COM component with 3 interfaces 332 andThe Microsoft2 objects way: COM, OLE/ActiveX, COM+, and .NET CLR Client Interface • Object 1 implements variables node A Interfaces A and B, Op A1 • Object 2 implements Op A2 Interface C Interface Object 1 • Interfaces must be node B mutually reachable Op B1 • Possible according to Op B2 COM specification, Op B3 rare in practice Interface Object 2 node C Op C1 Op C2 Figure 15.2 A COM object with multiple interfaces. of COM objects? Surprisingly, these two questions are closely related. Every COM interface has a common first method named QueryInterface. Thus, the first slot of the function table of any COM interface points to a QueryInterface operation. There are two further methods shared by all interfaces. These are explained below. QueryInterface takes the name of an interface, checks if the current COM object supports it, and, if so, returns the corresponding interface reference. An error indication is returned if the interface queried for is not supported. On the level of QueryInterface, interfaces are named using interface identifiers (IIDs). An IID is a GUID (Chapter 12), which is a 128-bit number guaran- teed to be globally unique. COM uses GUIDs for other purposes also. As every interface has a QueryInterface operation, a client can get from any provided interface to any other. Once a client has a reference to at least one interface, it can obtain access to all others provided by the same COM object. Recall that interface nodes are separate and therefore cannot serve to identify a COM object uniquely. However, COM requires that a given COM object returns the same interface node pointer each time it is asked for the IUnknown interface. As all COM objects must have an IUnknown interface, the identity of the IUnknown interface node can serve to identify the entire COM object. To ensure that this identity is logically preserved by interface navigation, the QueryInterface contract requires that any successful query yields an interface that is on the same COM object – that is, establishes the same identify via queries for IUnknown. To enable sound reasoning, the set of interfaces explorable by queries must be an equivalence class. This means that the queries are reflexive in that if they ask for an interface by querying that same interface, they will succeed. They are also symmetrical in that if they ask for an interface, 8557 Chapter 15 p329-380 8/10/02 12:24 pm Page 334 334 The Microsoft way: COM, OLE/ActiveX, COM+, and .NET CLR IUnknown COM Interfaces IOleObject IDataObject • Identity determined by Globally unique identifiers IPersistStorage (GUID) (128 bits) or (non-unique) name IOleDocument • IUnknown: root of interface hierarchy, includes: – QueryInterface Figure 15.3 Depiction of a COM object. – AddRef and Release (for Garbage Collection via Reference Counting) although this particular node may have no remaining references. This is nor- • QueryInterface (GUID ->mally Interface acceptable, reference/error) and sharing allows of a single to know reference if count is the usual approach. an interface is implemented byIn the some component cases, interface nodes may be resource intensive, such as when they • “Invocations to QueryInterfacemaintainarg a largeument cache IUnknown structure.on A theseparate same reference count for such an inter- component must return the sameface nodeaddress” can then be used to release that node as early as possible. (This technique of creating and deleting interface nodes as required is sometimes • Thus IUnknown used to get thereferred “identity” to as “tear-off of a component interfaces.”) [ uuid(00000000-0000-0000-C000-000000000046)On creation ]of interface an object IUnknown or node,{ the reference count is initialized to 1 HRESULT QueryInterface ([in] constbefore IID iid ,handing [out, iid_is out(iid a )]first IUnknown reference.iid );Each time a copy of a reference is created, unsigned long AddRef (); the count must be incremented (AddRef). Each time a reference is given up, the unsigned long Release (); } count must be decremented (Release). As soon as a reference count reaches zero, the COM object has become unreachable and should therefore self- destruct. As part of its destruction, it has to 8release all references to other objects that it might still hold, calling their Release methods. This leads to a recursive destruction of all objects exclusively held by the object under destruc- tion. Finally, the destructed object returns the memory space it occupied. Reference counting is a form of cooperative garbage collection. As long as all involved components play by the rules and cooperate, memory will be safely deallocated. At least, objects will never be deallocated while references still exist. Reference counting has the well-known problem that it cannot deal with cyclic references.
Load more

Recommended publications
  • Domain-Specific Programming Systems
    Lecture 22: Domain-Specific Programming Systems Parallel Computer Architecture and Programming CMU 15-418/15-618, Spring 2020 Slide acknowledgments: Pat Hanrahan, Zach Devito (Stanford University) Jonathan Ragan-Kelley (MIT, Berkeley) Course themes: Designing computer systems that scale (running faster given more resources) Designing computer systems that are efficient (running faster under constraints on resources) Techniques discussed: Exploiting parallelism in applications Exploiting locality in applications Leveraging hardware specialization (earlier lecture) CMU 15-418/618, Spring 2020 Claim: most software uses modern hardware resources inefficiently ▪ Consider a piece of sequential C code - Call the performance of this code our “baseline performance” ▪ Well-written sequential C code: ~ 5-10x faster ▪ Assembly language program: maybe another small constant factor faster ▪ Java, Python, PHP, etc. ?? Credit: Pat Hanrahan CMU 15-418/618, Spring 2020 Code performance: relative to C (single core) GCC -O3 (no manual vector optimizations) 51 40/57/53 47 44/114x 40 = NBody 35 = Mandlebrot = Tree Alloc/Delloc 30 = Power method (compute eigenvalue) 25 20 15 10 5 Slowdown (Compared to C++) Slowdown (Compared no data no 0 data no Java Scala C# Haskell Go Javascript Lua PHP Python 3 Ruby (Mono) (V8) (JRuby) Data from: The Computer Language Benchmarks Game: CMU 15-418/618, http://shootout.alioth.debian.org Spring 2020 Even good C code is inefficient Recall Assignment 1’s Mandelbrot program Consider execution on a high-end laptop: quad-core, Intel Core i7, AVX instructions... Single core, with AVX vector instructions: 5.8x speedup over C implementation Multi-core + hyper-threading + AVX instructions: 21.7x speedup Conclusion: basic C implementation compiled with -O3 leaves a lot of performance on the table CMU 15-418/618, Spring 2020 Making efficient use of modern machines is challenging (proof by assignments 2, 3, and 4) In our assignments, you only programmed homogeneous parallel computers.
    [Show full text]
  • Interaction Designer COM API Reference Printed Help
    PureConnect® 2020 R1 Generated: 28-February-2020 Interaction Designer COM Content last updated: 09-January-2020 API Reference See Change Log for summary of changes. Printed Help Abstract This document contains Component Object Model (COM) Application Programming Interface (API) reference content for Interaction Designer. For the latest version of this document, see the PureConnect Documentation Library at: http://help.genesys.com/cic. For copyright and trademark information, see https://help.genesys.com/cic/desktop/copyright_and_trademark_information.htm. 1 Table of Contents Table of Contents 2 Introduction 13 The Component Object Model 13 Interface-based programming using objects 13 Objects exposed by Designer COM API 13 Other objects represent steps, links between steps, and tool step exit paths. 14 COM Interface Information 14 Naming Conventions in the Designer COM API Reference 15 About GUIDs, UUIDs, and CLSIDs 15 COM Clients and Servers 15 General Programming Tips 16 Interfaces 17 II3ID Interface 19 Overview 19 Methods 19 Properties 20 II3ID::CreateHandler Method 21 II3ID::CurrentHandler Method 22 II3ID::EscapeString Method 22 II3ID::GetErrorMessage Method 23 II3ID::GetLicenseInfo Method 23 II3ID::MessageBox Method 24 II3ID::OpenHandler Method 25 II3ID::QueryNativeTypeName Method 25 II3ID::ReadProfileLong Method 26 II3ID::ReadProfileString Method 27 II3ID::RegisterForIdEvents Method 28 II3ID::UnescapeString Method 28 II3ID::WriteProfileLong Method 29 II3ID::WriteProfileString Method 30 II3ID::CurrentHandlerSelectedSteps Property
    [Show full text]
  • Eagle: Tcl Implementation in C
    Eagle: Tcl Implementation in C# Joe Mistachkin <[email protected]> 1. Abstract Eagle [1], Extensible Adaptable Generalized Logic Engine, is an implementation of the Tcl [2] scripting language for the Microsoft Common Language Runtime (CLR) [3]. It is designed to be a universal scripting solution for any CLR based language, and is written completely in C# [4]. Su- perficially, it is similar to Jacl [5], but it was written from scratch based on the design and imple- mentation of Tcl 8.4 [6]. It provides most of the functionality of the Tcl 8.4 interpreter while bor- rowing selected features from Tcl 8.5 [7] and the upcoming Tcl 8.6 [8] in addition to adding en- tirely new features. This paper explains how Eagle adds value to both Tcl/Tk and CLR-based applications and how it differs from other “dynamic languages” hosted by the CLR and its cousin, the Microsoft Dy- namic Language Runtime (DLR) [9]. It then describes how to use, integrate with, and extend Ea- gle effectively. It also covers some important implementation details and the overall design phi- losophy behind them. 2. Introduction This paper presents Eagle, which is an open-source [10] implementation of Tcl for the Microsoft CLR written entirely in C#. The goal of this project was to create a dynamic scripting language that could be used to automate any host application running on the CLR. 3. Rationale and Motivation Tcl makes it relatively easy to script applications written in C [11] and/or C++ [12] and so can also script applications written in many other languages (e.g.
    [Show full text]
  • Starting up an Application Domain
    04_596985 ch01.qxp 12/14/05 7:46 PM Page 1 Initial Phases of a Web Request Before the first line of code you write for an .aspx page executes, both Internet Information Services (IIS) and ASP.NET have performed a fair amount of logic to establish the execution context for a HyperText Transfer Protocol (HTTP) request. IIS may have negotiated security credentials with your browser. IIS will have determined that ASP.NET should process the request and will perform a hand- off of the request to ASP.NET. At that point, ASP.NET performs various one-time initializations as well as per-request initializations. This chapter will describe the initial phases of a Web request and will drill into the various security operations that occur during these phases. In this chapter, you will learn about the following steps that IIS carries out for a request: ❑ The initial request handling and processing performed both by the operating system layer and the ASP.NET Internet Server Application Programming Interface (ISAPI) filter ❑ How IIS handles static content requests versus dynamic ASP.NET content requests ❑ How the ASP.NET ISAPI filter transitions the request from the world of IIS into the ASP.NET world Having an understandingCOPYRIGHTED of the more granular portions MATERIAL of request processing also sets the stage for future chapters that expand on some of the more important security processing that occurs during an ASP.NET request as well as the extensibility points available to you for modifying ASP.NET’s security behavior. This book describes security behavior primarily for Windows Server 2003 running IIS6 and ASP.NET.
    [Show full text]
  • The Microsoft Way: COM, OLE/Activex, COM+, and .NET CLR
    8557 Chapter 15 p329-380 8/10/02 12:24 pm Page 329 CHAPTER FIFTEEN The Microsoft way: COM, OLE/ActiveX, COM+, and .NET CLR In a sense, Microsoft is taking the easiest route. Instead of proposing a global standard and hoping to port its own systems to it, it continually re-engineers its existing application and platform base. Component technology is intro- duced gradually, gaining leverage from previous successes, such as the original Visual Basic controls (VBX – non-object-oriented components!), object link- ing and embedding (OLE), OLE database connectivity (ODBC), ActiveX, Microsoft Transaction Server (MTS), or active server pages (ASP). In the standards arena, Microsoft focuses mostly on internet (IETF) and web (W3C) standards. More recently, some of its .NET specifications (CLI and C#) where adopted by ECMA – a European standards body with a fast track to ISO (ECMA, 2001a, 2001b). Microsoft is not trying to align its approaches with OMG or Java standards. While Java figured prominently in Microsoft’s strategy for a while, it has been relegated to a mere continuation of support of its older Visual J++ product – in part as a result of a settlement between Sun and Microsoft. In addition, under the name Visual J# .NET, Microsoft offers a migration tool to .NET, primarily targeting users of Visual J++ 6.0. As part of the .NET initiative, Microsoft is promoting language neutrality as a major tenet of CLR and aims to establish a new language, C#. C# adopts many of the successful traits of Java, while adding several distinctive features of its own (such as value types) and not supporting key Java features (such as inner classes).
    [Show full text]
  • Arquitectura .NET
    Distribution and Integration Technologies .NET Architecture Traditional Architectures Web Local Distributed Other applications applications applications applications GUI Network Scripts Data Other Services Services Web Access Services Libraries Execution environment (Posix, Win32, ...) Operating System .NET Architecture 2 Java Architecture Web Local Distributed Other applications applications applications applications Swing Enterprise Java Server JDBC Others Java Beans Pages Standard Java Packages Java Virtual Machine (JVM) Operating System .NET Architecture 3 .NET Architecture Web Local Distributed Other applications applications applications applications Windows Enterprise ASP.NET ADO.NET Others Forms Services .NET Framework Class Library (FCL) Common Language Runtime (CLR) Operating System .NET Architecture 4 Common Language Runtime (CLR) All .NET applications use the CLR The CLR is OO It is independent from high level languages The CLR supports: . A common set of data types for all languages (CTS) . An intermediate language independent from the native code (CIL) . A common format for compiled code files (assemblies) All the software developed using the CLR is known as managed code .NET Architecture 5 Common Type System (CTS) All the languages able to generate code for the CLR make use of the CTS (the CLR implements the CTS) heap There is 2 type categories: string . Value “abcdef” • Simple types stack • Allocated in the stack top class A 41 String: . Reference Double: 271.6 • Complex types • Allocated in the heap • Destroyed automatically
    [Show full text]
  • Object Oriented Programming
    A SYNOPSIS OF SOFTWARE TECHNOLOGIES USED IN TODAY’S ENGINEERING SOFTWARE Ashley Hull, Ph.D. Hasmet Genceli, Ph.D. Michael W. Hlavinka, Ph.D., P.E. Bryan Research & Engineering, Inc. P.O. Box 4747 Bryan, TX 77805 USA www.bre.com ABSTRACT Most engineers have little familiarity with the software technologies that provide the framework for the variety of applications they employ, from word processors to process simulators. While adequate for casual use of an application, a more thorough understanding of these technologies is required in order to extend an application and provide custom behavior. Usually the effort required to perform small customizations is not significant provided the framework is understood. This paper introduces Object-Oriented Programming (OOP), OLE Automation, and Extensible Markup Language (XML), three common technologies used in programs. A conceptual discussion of OOP is presented along with examples where the paradigm may be encountered. Automation is introduced with illustrations of how this feature can extend an application. Finally, XML is summarized along with a discussion of some of the tools and supporting technologies used with XML. The aim of this paper is to give a basic understanding of how and when these technologies can be exploited based on specific applications and tasks. A SYNOPSIS OF SOFTWARE TECHNOLOGIES USED IN TODAY’S ENGINEERING SOFTWARE INTRODUCTION Commercial software today is normally built upon several software technologies. These technologies provide a common framework that is consistent from one application to another. This framework is present in applications from word processors to process simulators. While an understanding of these technologies is not required for casual use of the application, some knowledge of this framework will be required to extend an application to provide custom behavior outside of the design of the vendor.
    [Show full text]
  • Programming with Windows Forms
    A P P E N D I X A ■ ■ ■ Programming with Windows Forms Since the release of the .NET platform (circa 2001), the base class libraries have included a particular API named Windows Forms, represented primarily by the System.Windows.Forms.dll assembly. The Windows Forms toolkit provides the types necessary to build desktop graphical user interfaces (GUIs), create custom controls, manage resources (e.g., string tables and icons), and perform other desktop- centric programming tasks. In addition, a separate API named GDI+ (represented by the System.Drawing.dll assembly) provides additional types that allow programmers to generate 2D graphics, interact with networked printers, and manipulate image data. The Windows Forms (and GDI+) APIs remain alive and well within the .NET 4.0 platform, and they will exist within the base class library for quite some time (arguably forever). However, Microsoft has shipped a brand new GUI toolkit called Windows Presentation Foundation (WPF) since the release of .NET 3.0. As you saw in Chapters 27-31, WPF provides a massive amount of horsepower that you can use to build bleeding-edge user interfaces, and it has become the preferred desktop API for today’s .NET graphical user interfaces. The point of this appendix, however, is to provide a tour of the traditional Windows Forms API. One reason it is helpful to understand the original programming model: you can find many existing Windows Forms applications out there that will need to be maintained for some time to come. Also, many desktop GUIs simply might not require the horsepower offered by WPF.
    [Show full text]
  • NET Technology Guide for Business Applications // 1
    .NET Technology Guide for Business Applications Professional Cesar de la Torre David Carmona Visit us today at microsoftpressstore.com • Hundreds of titles available – Books, eBooks, and online resources from industry experts • Free U.S. shipping • eBooks in multiple formats – Read on your computer, tablet, mobile device, or e-reader • Print & eBook Best Value Packs • eBook Deal of the Week – Save up to 60% on featured titles • Newsletter and special offers – Be the first to hear about new releases, specials, and more • Register your book – Get additional benefits Hear about it first. Get the latest news from Microsoft Press sent to your inbox. • New and upcoming books • Special offers • Free eBooks • How-to articles Sign up today at MicrosoftPressStore.com/Newsletters Wait, there’s more... Find more great content and resources in the Microsoft Press Guided Tours app. The Microsoft Press Guided Tours app provides insightful tours by Microsoft Press authors of new and evolving Microsoft technologies. • Share text, code, illustrations, videos, and links with peers and friends • Create and manage highlights and notes • View resources and download code samples • Tag resources as favorites or to read later • Watch explanatory videos • Copy complete code listings and scripts Download from Windows Store Free ebooks From technical overviews to drilldowns on special topics, get free ebooks from Microsoft Press at: www.microsoftvirtualacademy.com/ebooks Download your free ebooks in PDF, EPUB, and/or Mobi for Kindle formats. Look for other great resources at Microsoft Virtual Academy, where you can learn new skills and help advance your career with free Microsoft training delivered by experts.
    [Show full text]
  • Ultimate C#, .Net Interview Q&AE-Book
    Register your resume: www.terrafirmajobs.com _________________________________________________ www.terrafirmajobs.com Ultimate C#, .Net Interview Q&AE-book Free E-books available with Terra Firma Java Interview Q&A Terra Firma’s Interview Kit Are you stressed at your Desk Restore the rhythm of your life IT Resume writing tips Heart-Care Tips To get these free e-books, email to: [email protected] with the title of the e-book. Copy Right Note You are permitted to freely distribute/print the unmodified version of this issue/e-book/article. We are not attempting to obtain commercial benefit from the valuable work of the authors and the Editor/Publisher claims the ‘fair use’ of copyrighted material. If you think that by publishing a particular material, your copyright has been violated, please let us know. The Editor/Publisher is not responsible for statements or opinions expressed herein nor do such statements necessarily express the views of Editor/Publisher. 1 More Career Tips: http://www.terrafirmajobs.com/ITpros/IT_resources.asp?id=4 ______________________________________________________________________________ Register your resume: www.terrafirmajobs.com _________________________________________________ Index Chapter Name Page 1) C# interview Questions and Answers. 4 1.1) Advance C# interview Questions 2) General Questions 17 2.1 ) General Questions 2.2 ) Methods and Property 2.3) Assembly Questions 2.4) XML Documentation Question 2.5) Debugging and Testing 3) ADO.net and Database Question 26 4) C#, DOT NET, XML, IIS Interview Questions 28 4.1 ) Framework. 4.2 ) COM 4.3 ) OOPS 4.4 ) C# Language Features 4.5 ) Access Specifier 4.6 ) Constructor / Destructor 4.7 ) ADO.net 4.8 ) ASP.net 4.8.1) Session.
    [Show full text]
  • NET Hacking & In-Memory Malware
    .NET Hacking & In-Memory Malware Shawn Edwards Shawn Edwards Cyber Adversarial Engineer The MITRE Corporation Hacker Maker Learner Take stuff apart. Change it. Put Motivated by an incessant Devoted to a continuous effort it back together. desire to create and craft. of learning and sharing knowledge. Red teamer. Adversary Numerous personal and emulator. professional projects. B.S. in Computer Science. Adversary Emulation @ MITRE • Red teaming, but specific threat actors • Use open-source knowledge of their TTPs to emulate their behavior and operations • Ensures techniques are accurate to real world • ATT&CK (Adversarial Tactics Techniques and Common Knowledge) • Public wiki of real-world adversary TTPs, software, and groups • CALDERA • Modular Automated Adversary Emulation framework Adversary Emulation @ MITRE • ATT&CK • Adversarial Tactics Techniques and Common Knowledge • Public wiki of real-world adversary TTPs, software, and groups • Lets blue team and red team speak in the same language • CALDERA • Modular Automated Adversary Emulation framework • Adversary Mode: • AI-driven “red team in a box” • Atomic Mode: • Define Adversaries, give them abilities, run operations. Customize everything at will. In-Memory Malware • Is not new • Process Injection has been around for a long time • Typically thought of as advanced tradecraft; not really • Surged in popularity recently • Made easier by open-source or commercial red team tools • For this talk, only discuss Windows malware • When relevant, will include the ATT&CK Technique ID In-Memory
    [Show full text]
  • Embedding Mono Code in Unmanaged Applications on GNU/Linux
    Embedding Mono code in unmanaged applications on GNU/Linux LTH School of Engineering at Campus Helsingborg Department of Computer Science Bachelor thesis: Martin Arvidsson Viktor Hermansson c Copyright Martin Arvidsson, Viktor Hermansson LTH School of Engineering Lund University Box 882 SE-251 08 Helsingborg Sweden LTH Ingenj¨orsh¨ogskolan vid Campus Helsingborg Lunds universitet Box 882 251 08 Helsingborg Printed in Sweden Media-Tryck Biblioteksdirektionen Lunds universitet Lund 2011 Abstract In today's society more and more work is carried out with the help of dif- ferent computer systems. To benefit from the data, integration between the systems is needed. Saab has developed a solution to the problem, by the name WISE. With a modular design costs can be minimized, because a new integration does not necessarily require new software, but can be achieved with configuration of an existing module. (a so-called driver). By supporting languages on a higher level than C++, development of new drivers can be speeded up to further decrease the costs. As a first step C# support was implemented with the help of C++/CLI. Such a solution is constrained to the Windows platform. To be able to meet the customers need for Linux compatibility this project was initiated, to create a wrapper driver with the help of Mono. In the report it is shown that it is fully possible to create a working embedding of C# with the Mono runtime. The documentation of the limited embedding-API is however inadequate, this resulted in us having to investigate the functionality by creating small test cases and read the source code to see how function calls behaved.
    [Show full text]