Jump to content


Photo

Microsoft .NET Native


34 replies to this topic

#21 kao

kao

    Reverser

  • VIP
  • PipPipPipPipPipPip
  • 1,166 posts
  • Gender:Male
  • Team:Freelancer

Posted 07 April 2014 - 10:31 AM

Yes, as I mentioned in the first post, currently it's limited to certain types of apps. But if you could still make a sample application, it would be really nice. Otherwise I'll spend an hour or so installing VisualStudio + few GB of updates + .NET Native in my VMWare.
  • 0

#22 bprg

bprg

    Advanced Member

  • Members
  • PipPipPip
  • 122 posts
  • Gender:Male
  • Team:Black Storm

Posted 07 April 2014 - 10:50 AM

Micro'soft's open sourcing of .Net: The back story.

 

http://www.zdnet.com...ory-7000028109/


Edited by bprg, 07 April 2014 - 10:54 AM.

  • 0

#23 spudiod

spudiod

    Junior

  • Members
  • Pip
  • 22 posts
  • Gender:Male
  • Team:none

Posted 08 April 2014 - 03:14 AM

I was trying to make an app but i was getting this error upon clicking MainPage.xaml 

alNcssZ.png

Using Visual studio 2013 on windows 8.1 with VMware 

I tried googling the error, nothing came up


  • 0

#24 li0nsar3c00l

li0nsar3c00l

    Proud .Net Noob

  • VIP
  • PipPipPip
  • 245 posts
  • Gender:Male
  • Team:RTN

Posted 08 April 2014 - 07:30 AM

Im propably one of the few persons who dont lile those news that much cause im one of the "reflexil-using-n00bs".
But on the other hand, it will force people to learn new things and might bring some quality to the reversing scene
  • 0

#25 kao

kao

    Reverser

  • VIP
  • PipPipPipPipPipPip
  • 1,166 posts
  • Gender:Male
  • Team:Freelancer

Posted 08 April 2014 - 10:09 AM

Ooook.. After spending several hours yesterday installing all that horrid crap on that equally horrid OS, I finally managed to build something into .NETNative. That's an experience I don't want to repeat. Ever.

tl;dr - .NET-style metadata are gone. You get native exe+dll+mrt100_app.dll

How to install it.
1) You pretty much follow instructions by MS. Install VS2013 on Win8.1, install Visual Studio 2013 Update 2 RC, install .NETNative package kindly provided by JeRRy.
2) Open or create project for Windows Store app.
3) VS2013 will bug you to get Developers licence. Just hit Cancel, you don't need it for testing.
4) Right-click project and select "Enable for .NET Native"
5) Lots of magic will happen in the background, and nice MHT document will open and describe next 2 steps.
6) Select solution, in properties select correct configuration. "AnyCPU" won't do, you need either ARM or X64.
7) Then select project, and in Build properties for this configuration enable "Compile with .NET Native" toolchain.

Build process
1) Once you've set up configurations properly, run Build as usual.
2) If you've enabled .NET Native, in the log window you'll see something like this:
.NET Native Build starting: Several compilation stages will occur. Please be patient as this may take several minutes.

1>------ Rebuild All started: Project: App1, Configuration: Debug x64 ------
1>  App1 -> C:\123\App1\App1\bin\x64\Debug\App1.exe
1>  Loading 63 modules...
1>  Checking assembly C:\123\App1\App1\bin\x64\Debug\App1.exe

...

1>  Build succeeded.
1>      0 Warning(s)
1>      0 Error(s)
1>  
1>  Time Elapsed 00:02:27.26
1>  Compilation successful.
1>  
========== Rebuild All: 1 succeeded, 0 failed, 0 skipped ==========
Yes, it takes 2.5 minutes to build app that does absolutely nothing.

Result
I tested simple SplashScreenApp from official MS code samples.

.NET EXE size - 35KB. Download link for EXE file: https://www.mediafir...99csgohbvyiegab
.NET Native: EXE size - 4KB, DLL size - 3.6MB, mrt100_app.dll - 300KB. Download link for binaries+PDB file, so that you can explore it a bit: https://www.mediafir...ac3ggddv76chcv4
These are not complete application packages, you will not be able to run them! Just explore them and see how bad is the future...

EDIT 2x: Typos. Lots of them. I can't type today.

Edited by kao, 08 April 2014 - 10:11 AM.

  • 6

#26 tonyweb

tonyweb

    .: Just Another Noob :.

  • VIP
  • PipPipPipPip
  • 277 posts
  • Gender:Male
  • Team:No Team (I'm a noob)

Posted 08 April 2014 - 11:57 AM

@kao

Thank you so much for your great efforts and for bringing us these new challenges.

Time for a new Kurapica series on .NET? :P

 

@li0nsar3c00l

If you are a noob I'm a fruitseller (with respect to fruitsellers) :ohmy:

Sadly, I never managed to understand and defeat .NET protectors ... I always use 0xd4d masterpiece for such a task :sad:

 

I really hope this new start will give me the right motivation :)

Hopefully I'll also find some [more] free time to give it a go ;)

 

Best Regards,

Tony


Edited by tonyweb, 08 April 2014 - 01:53 PM.

  • 0

#27 Kurapica

Kurapica

    Experience Member

  • B@S Team
  • PipPipPipPipPipPip
  • 2,615 posts
  • Gender:Male
  • Location:Archives
  • Team:Black Storm

Posted 08 April 2014 - 02:12 PM

I'm sure those old school tech-savy guys must be laughing hard at how the definition of a "Native" application has become nowadays !

 

it takes 2.5 minutes to build app that does absolutely nothing

 

and that huge DLL which should be shipped with the final exe !

 

sometimes I think it is really better to learn a hard language that

 

produces a reasonable fast native application with reasonable size than going into this mayhem of Native .NET !

 

 

by the way tony ! you are a great reverser :D


  • 0

#28 master131

master131

    Junior

  • Members
  • Pip
  • 13 posts
  • Team:None

Posted 10 April 2014 - 06:16 AM

These are not complete application packages, you will not be able to run them! Just explore them and see how bad is the future..

 

 

Hooray for the future. :blum2:

 

That monstous DLL could probably do some work though. They should probably statically link all the files so there's only one file at the end and probably try to cut down the DLL size (maybe .NET Native redistributable? Who knows). I guess for now if you want speed, you have to accept large file sizes.


Edited by master131, 10 April 2014 - 06:26 AM.

  • 0

#29 master131

master131

    Junior

  • Members
  • Pip
  • 13 posts
  • Team:None

Posted 10 April 2014 - 06:53 AM

Sorry for double-post (can't edit my previous one now), but it appears that .NET User Strings (traditionally stored in the #US heap obviously) aren't referenced directly so tools like IDA and OllyDbg can't pick them up directly (means kiddies can't check for strings in one-click). They're all referenced by a class pointer which looks something like this:

struct net_native_string
{
        void* stringTypeVTable;
        int length;
        wchar_t string[0];
};

 

I guess in a sense .NET Native has semi-string protection now, although I guess it wouldn't be too difficult to write a tool to diassemble a .NET Native target and check the virtual method table's functions and see if it matches a string's type using some signature scans.


  • 1

#30 master131

master131

    Junior

  • Members
  • Pip
  • 13 posts
  • Team:None

Posted 11 April 2014 - 06:17 AM

Triple post, yikes. Feels like I'm talking to myself here. :ohmy:  Anyway, whipped up a small app in C# to do exactly what I described above. Application and source are included. Below is a link of the output on the sample posted by @kao.

 

400nFBc.png

 

Log file path is optional, you can drag and drop for console output.

 

Output:

http://pastebin.com/TGqEeVxZ

 

Download:

http://www.mediafire...tiveStrings.rar

 


  • 2

#31 kao

kao

    Reverser

  • VIP
  • PipPipPipPipPipPip
  • 1,166 posts
  • Gender:Male
  • Team:Freelancer

Posted 11 April 2014 - 09:53 AM

It's a nice (and well commented!) code. I don't see that very often here.. ;)

If I was making such an app, I'd probably design it the other way around - start by locating string vtable, then locate all data references to it(=all strings), then all code references to strings. Maybe it's because I'm lazy and wouldn't want to mess around with BeaEngine. :D
  • 0

#32 master131

master131

    Junior

  • Members
  • Pip
  • 13 posts
  • Team:None

Posted 11 April 2014 - 10:08 AM

It's a nice (and well commented!) code. I don't see that very often here.. ;)

If I was making such an app, I'd probably design it the other way around - start by locating string vtable, then locate all data references to it(=all strings), then all code references to strings. Maybe it's because I'm lazy and wouldn't want to mess around with BeaEngine. :D

 

Well, I thought it would be easier to find the vtable along the way while disassembling rather than frantically searching sections for it. Also, thanks for the positive feedback. :D


  • 0

#33 0xd4d

0xd4d

    Greatest Member

  • VIP
  • PipPipPipPipPip
  • 555 posts
  • Gender:Not Telling
  • Team:-

Posted 19 August 2014 - 11:39 AM

Anyone happen to have Developer Preview 2 (not 3) that was released in May? Installed or installer.


  • 0

#34 0xd4d

0xd4d

    Greatest Member

  • VIP
  • PipPipPipPipPip
  • 555 posts
  • Gender:Not Telling
  • Team:-

Posted 30 September 2015 - 10:18 PM

ReadyToRun - native .NET code on the desktop. To generate images, ngen will probably be used (CoreGen.exe if you're using CoreCLR). The generated images can still run after dependent assemblies have been modified (eg. classes have gotten new fields or methods), assuming those asms aren't considered part of the user asm ("in the same version bubble"). NGEN'd files needed to be recompiled when that happened. Grab a cup of coffee and read the overview above for more info. :)

 

Some files:

 

https://github.com/d...eadytoruninfo.h

 

https://github.com/d...dytoruninfo.cpp


Edited by 0xd4d, 30 September 2015 - 10:18 PM.

  • 0

#35 Xenocode

Xenocode

    INC BYTE PTR DS:[40324C]

  • Members
  • PipPipPip
  • 167 posts
  • Gender:Male
  • Team:ᐃᐃᐁᐁᐊᐅᐊᐅᏴᎪ

Posted 01 October 2015 - 04:29 PM

Yay ! We are one step closer again.

 

«RyuJIT is used as the code generator to produce the ReadyToRun images currently.» Why ? Why RyuJIT ?


  • 0



Reply to this topic



  


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users