In my upcoming assignment (the one that made me canceled my leave), I was asked to "verify" that a set of assemblies are indeed the compiled product of a set of source codes. *Gee! I'm a walking assembler or what?*
Anyway, here's how it can be done. You will need two tools - fc.exe (to diff files) and ildasm.exe (to disassemble a .NET assembly). You will also need the original source codes.
First, compile the source codes to produce the assembly (.dll or .exe). We will call this our source assembly. The target assembly will be the one already present. Next, use ildasm.exe to disassemble both assemblies and output the result to a file. Example:
ildasm /out=source.txt c:\source\MyAssembly.exe
ildasm /out=target.txt c:\target\MyAssembly.exe
To compare both files, use the fc.exe tool. Example:
fc source.txt target.txt
In the event where both assemblies are indeed produced by the same source codes, the comparison result will only show a minor difference on a comment line. It will be something like:
***** source.txt
.corflags 0x00000001 // ILONLY
// Image base: 0x00250000
***** target.txt
.corflags 0x00000001 // ILONLY
// Image base: 0x009F0000
Take note that the base address will be different on your machine. If no other changes are reported, then it is quite likely that both assemblies come from the same source code.
To compare the differences (i.e line-by-line) at a programming language level, I recommend Reflector and the Reflector.Diff add-in.
Why Not Do A Binary Comparison?
The fc.exe tool has a /b flag to perform binary comparisons. The reason why this will not work is because .NET assemblies are always different whenever they are being recompiled. Therefore, while a binary comparison on an assembly that was originally produced by the same compilation would yield no differences, a binary comparison on an assembly that was compiled on different compilations will reveal differences.
I would like to thank Tom Hollander for bringing up the disassemble and compare idea.
Popular Post
-
J ust finished my 071-431: TS: Microsoft SQL Server 2005 - Implementation and Maintenance exam an hour ago and this time, it was easier for...
-
The Rhineland Palatinate state government had asked the Commission to pump €13 million into the firm as part of a rescue package which would...
-
I have been quite busy recently. Last week, I was in Singapore for the regional New Hire Bootcamp where I get to meet other newbies like me...
-
Citroen will showcase the new DS3 Cabriolet at the 2012 Paris Motor Show from September 27, but to prepare us, the French carmaker dropped... -
So NASA found a planet like Earth last month or whenever . Yes, yes, yes! That means more closet space, more Starbucks and a new location to... -
Despite a rather high US$39,995 sticker price for the base edition of the Volt , Chevrolet’s range-extended hybrid has sold a record 2,831 u... -
V8 / 8.193 cc / 600 PS / 600 lb/ft (813 Nm) @ 2.000 / biturbo / 0 - 100 mph (160 km/h): 8,0 s / Vmax: 200+ mph (320+ km/h) (click images for...
-
The Worldwatch Institute reports that global production of passenger vehicles, i.e. cars and light commercial trucks, set a new record in 2... -
Det Vackra Livet is the most recent band signed to Labrador and the duo consists of brothers Philip and Henrik Ekström of The Mary Onett...
-
V12 / 5.576 cc / 385 PS / 406 ft/lb (550 Nm) @ 4.000 / 0 - 62 mph (100 km/h): 6,6 s / Vmax: 155 mph (250 km/h) (click images for a larger ...
No comments:
Post a Comment