|
|
You can control many debugging features by manipulating the Registry. The HKLM\Software\Microsoft\.NETFramework\DbgJITDebugLaunchSetting key sets debug notifications, as follows:
|
0 |
Message box is displayed |
|
1 |
No message box; bottom stack dump taken |
|
2 |
Control passed to default debugger |
The HKLM\Software\Microsoft\.NETFramework\DbgManagedDebugger key defines the default debugger path to debugger\cordbg.exe !a %d.
In addition to using the Registry, you can view MSIL for an assembly by using Ildasm. This tool allows you to view the IL code and send the code to a text file for modification by using the following syntax:
ildasm module.dll /out:module.il
Then you can open the .il file with Notepad, modify the IL code, and reassemble it by using Ilasm.
ilasm /dll module.il
In addition, there are other tools that you can use to conceal your code from having this type of operation done to it. These tools are called obfuscators . There are many third-party vendors who sell these tools. The following are some Web sites of obfuscator vendors:
http://www.preemptive.com/dotfuscator
http://www.lesser-software.com
Table 16-1 lists the directives for debugging the CIL, and Table 16-2 lists the opcodes.
|
Name |
Description |
|---|---|
|
.addon |
Allows for client event registration |
|
.assembly |
Used to reference assemblies and define information about assemblies |
|
.class |
Defines types |
|
.corflags |
Documents the portable execution information |
|
.custom |
Adds attributes information |
|
.data |
Defines a data segment |
|
.entrypoint |
Defines the first method called on entry into an assembly |
|
.event |
Defines an event |
|
.export |
Defines the name for an exported method |
|
.field |
Defines a field of a class |
|
.file |
References a file |
|
.fire |
Defines a method that can raise an event |
|
.get |
Retrieves a property value |
|
.hash |
Creates or shows the algorithm used for a hash |
|
.locale |
Defines the culture |
|
.locals |
Defines local variables |
|
.maxstack |
Defines the maximum number of values on the stack |
|
.method |
Adds a method to a class |
|
.mresource |
Adds resource information |
|
.namespace |
Groups code into a logical entity |
|
.override |
Defines a method that overrides a base method |
|
.pack |
States field boundary size |
|
.permission |
Defines security information |
|
.permissionset |
Defines security information on multiple resources |
|
.property |
Defines a class property |
|
.publickey |
States the public key used to sign the assembly |
|
.publickeytoken |
Contains 8 bytes of the reference key assembly |
|
.removeon |
Unregisters an event |
|
.set |
Sets the value on a property |
|
.size |
Defines a block of memory in a class |
|
.subsystem |
Defines user interaction preference |
|
.try |
Enters a try block |
|
.ver |
States the current version or desired version |
|
.ventry |
States the slot a method should be in a vtable |
|
.vtfixup |
Defines a vtable for exported methods |
|
Name |
Description |
|---|---|
|
Add |
Adds two values on the stack and pushes the results on the stack |
|
And |
Performs a logical AND and pushes the results on the stack |
|
Arglist |
Gets variable argument list for a vararg method |
|
Beq |
Breaks to a code label if the two top values on the stack are true |
|
Bge |
Breaks to a code label if the second-most top value is greater than or equal to the value on top of the stack |
|
Bgt |
Breaks to a code label if the second-most top value on the stack is greater than the top value |
|
Ble |
Breaks to a code label if the second-most top value is less than or equal to the top stack value |
|
Blt |
Breaks to a code label if the second-most top value is less than the top stack value |
|
Bne.un |
Breaks to a code label if the two top values are not equal |
|
Box |
Turns a value type into a reference type |
|
Br |
Breaks to a code label unconditionally |
|
Brfalse |
Breaks to a code label if the top stack value is false |
|
Brtrue |
Breaks to a code label if the top value is true |
|
Call |
Calls an instance method and does not throw an exception if the value is on the stack |
|
Calli |
Calls a method via a function pointer |
|
Callvirt |
Calls an instance method and throws an exception if the reference is not on the stack |
|
Castclass |
Checks to a see if a reference type is a specific type and pushes the result on the stack; throws an exception on failure |
|
Ceq |
Compares two values for equality and pushes the results on the stack |
|
Cgt |
Compares the two top values on the stack to see if the second-most top value is larger |
|
Ckfinite |
Checks for divide-by-zero conditions |
|
Clt |
Compares the two top values on the stack to see if the second value is smaller |
|
Conv |
Converts a value to the appended type |
|
Cpblk |
Copies data from one memory location to another |
|
Cpobj |
Takes the value at one address and copies it to the another address |
|
Div |
Divides the two top values on the stack and pushes the result |
|
Dup |
Duplicates the current value on the stack |
|
Endfault |
Signals the end of a catch block |
|
Endfinally |
Signals the end of a finally block |
|
Initblk |
Initializes a block of memory |
|
Isinst |
Checks to see if a reference is of a specific type and pushes the results on the stack; returns null on failure |
|
Jmp |
Calls a method with the same argument values as the current method and then terminates the current method execution |
|
Ldarg |
Loads an argument value on the stack |
|
Ldc |
Loads a loads a specific value on the stack |
|
Ldelem |
Retrieves an element in an array and pushes it on the stack |
|
Ldelma |
Gets the address of an element in an array and pushes it on the stack |
|
Ldfld |
Loads an instance field's value on the stack |
|
Ldftn |
Loads a function pointer on the stack |
|
Ldind |
Retrieves a value given an address; the type is defined after the opcode |
|
Ldlen |
Pushes the length of an array on the stack |
|
Ldloc |
Loads a variable's value on the stack |
|
Ldloca |
Loads a variable's address on the stack |
|
Ldnull |
Loads a null reference on the stack |
|
Ldobj |
Gets values from an address on the stack and pushes the result on the stack |
|
Ldsfld |
Loads the value of a static field or an instance field on the stack |
|
Ldstr |
Loads a string on the stack |
|
Ldvirftn |
Loads a function pointer on the stack |
|
Leave |
Leaves a try block |
|
Mul |
Multiplies two values on the stack and pushes the result |
|
Newarr |
Creates a new array |
|
Newobj |
Creates a new instance of an object |
|
Nop |
Does nothing; no opcode |
|
Not |
Performs the NOT binary operation on the topmost stack value and pushes the result |
|
Or |
Performs an OR binary operation on two stack values and pushes the results |
|
Rem |
Divides two values on the stack and pushes the remainder on the stack |
|
Ret |
Ends execution of a method and returns the topmost value on the stack |
|
Shl |
Performs a shift left operation |
|
Shr |
Performs a shift right operation |
|
Sizeof |
Calculates the size of a value type and pushes the result on the stack |
|
Stelem |
Takes a value on the stack and places it in an array |
|
Stdfld |
Stores the value of an instance field on the stack |
|
Stind |
Stores a value in a local variable given an address |
|
Stloc |
Stores a value on the stack |
|
Stobj |
Stores a value on the stack in the value defined by an address |
|
Stsfld |
Stores a value on the stack in either a static field or an instance field |
|
Sub |
Subtracts two values on the stack and pushes the result |
|
Switch |
Defines a jump table |
|
Tail |
Calls a method, and then terminates the current method |
|
Throw |
Throws an exception |
|
Unaligned |
States that the next address is unaligned |
|
Unbox |
Turns a reference type into a value type |
|
|