部分反汇编.net可执行文件

发布于 2024-08-07 17:29:21 字数 527 浏览 5 评论 0原文

我需要编写一个相对较小的程序来解析 .net 可执行文件并生成对外部方法的调用列表。例如,如果在文件内调用 System.Console.WriteLine ,该工具应打印出在某处调用了 System.Console.WriteLine 。我不能(有限的大脑和时间)也不需要(我需要的只是一个调用列表)实现真正的反汇编。我想要一个 grep 友好 perl 友好 相对较短的解决方案,它可以写入调用的函数的名称以及调用发生的偏移量。

我已经尝试过的事情:

  1. 从 MSDN 下载规范。 现在我知道静态调用被翻译为字节码中的0x28。 :) 接下来是方法描述符,但了解方法描述符的含义可能需要阅读整个规范。

  2. 在 Reflector 中打开简单的 exe。 Reflector 精确地重现了我原始应用程序的代码,但我看不到调用的字节码。

是否可以用有限的时间和知识来实现​​所需的有限功能?

如果是这样,我知道如何实施它?有没有“CIL 傻瓜组装”指南?

I need to write a relatively small program to parse .net executables and generate the list of calls to external methods. For example if System.Console.WriteLine is called inside the file the tool should print that System.Console.WriteLine is called somewhere. I cannot (limited brain and time) and need not (all I need is a list of calls) implement a real disassembly. I want a grep friendly perl friendly relatively short solution that writes the names of the functions called and the offset where the call happened.

Things I already tried:

  1. Downloading specs from MSDN.
    Now I know that static call is translated to 0x28 in bytecode. :) It is followed by method descriptor but understanding what method descriptor means will probably require reading the entire spec.

  2. Opening simple exe in Reflector.
    Reflector precisely reproduced the code of my original application yet I can not see the bytecode for the calls.

Is it possible to implement the desired limited functionality with limited time and knowledge?

If so what do I know to implement it? Is there any "CIL assembly for dummies" guide?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

恋你朝朝暮暮 2024-08-14 17:29:21

Cecil 项目是一个可以完全满足您需求的库。

The Cecil project is a library to do exactly what you want.

饭团 2024-08-14 17:29:21

如果您想要 grep/perl 友好的东西,请使用 ildasm(在其命令行模式下,即使用 /out 或 /text)将字节代码反汇编为文本 IL。然后,您可以使用 grep、perl 或您选择的语言来查找调用指令。 (grep 可能不足以识别调用指令所在的方法,但 perl 应该能够。)

If you want something grep/perl-friendly, use ildasm (in its command line mode i.e. with /out or /text) to disassemble the byte code to textual IL. You can then use grep, perl or the language of your choice to locate call instructions. (grep probably wouldn't suffice to identify which methods the call instructions were located in, but perl should be able to.)

野心澎湃 2024-08-14 17:29:21

通用编译器基础结构也可能对您有帮助:http://ccimetadata.codeplex.com/

我赞同 itowlson 的建议,将程序集拆解为 .il 文件,然后使用 grep 对其进行解析(如果您正在寻找该文件)。由于 ILDasm 将显示所有类型的完整命名空间,因此您应该能够很快地弄清楚它是您的类型还是引用的类型。

The Common Compiler Infrastructure might help you too: http://ccimetadata.codeplex.com/.

I would second itowlson's suggestion to just disassemble the assembly into an .il file and parse it using grep if that is what you are looking for. Since ILDasm will show full namespaces for all types you should beable to figure it out rather quickly if it is your type or a referenced type.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文