.NET Illuminator v1 – .NET Hack

Welcome to the .NET Illuminator page.

I have designed a useful utility that has the ability to inject itself into any .NET application and allow you to see the entire UI object model and even let you play with it.

A few other features that are useful are the connection string extraction tool, which shows you all connection strings the application has ever used. There is also the object search tool to scan all static properties in the application and view what there properties, including strings and connections, etc.

One of these days when I actually have time, I will post some screen shots and a how to. If someone else wants to take this task on, I am happy to provide your name on the page and credit to you!

Screenshot:

Main Screen. You can pick any running .NET application in the system.

image

Here is the application, after I injected into Windows Live Writer.

image

Notice that you can see all the controls. You can even change properties on the controls and they will instantly take effect. Fun with hacking, right?

In the advanced options. All the loaded assemblies

image

Search static objects in memory:

image

Dump SQL Connections:

image

If the program had any open SQL connections, or had used any this session, they would appear here. Great way of getting access to application locked connection strings. Jump right into their Express or SQL Server databases without any hacking knowledge.

If you find this useful, please comment. It’s been a year since this has been up and haven’t had any feedback. I just added the screen shots, since I figured that may shed “light” on what this crazy application is.

Download .NET Illuminator – Security Illuminated Version 1.0 ALPHA

Enjoy!

5 thoughts on “.NET Illuminator v1 – .NET Hack

  1. Pingback: .NET Illuminator v1 Alpha Released to the wild | Ignore the man behind the curtain

  2. TechGuy

    Wow… this really makes you rethink your connection string. Thanks for the program. Any chances of getting the source? I’d like to see the section on how you are getting the connection string.

    Reply
    1. Brian Seekford Post author

      hmm.. I guess I can share. I used reflection to grab these “hidden” gems.

      ///
      /// Loads all pooled connection strings.
      ///
      ///
      public static List LoadAllPooledConnectionStrings()
      {
      try
      {
      SqlConnection connection = new SqlConnection();

      FieldInfo connectionFactory = connection.GetType().GetField(“_connectionFactory”, BindingFlags.GetField | BindingFlags.NonPublic | BindingFlags.Static);

      object cFactory = connectionFactory.GetValue(connection);
      FieldInfo connectionPoolDictionary = connectionFactory.FieldType.GetField(“_connectionPoolGroups”, BindingFlags.GetField | BindingFlags.NonPublic | BindingFlags.Instance);

      object dictPools = connectionPoolDictionary.GetValue(cFactory);

      Type poolDictionaryType = dictPools.GetType();
      PropertyInfo pooledKeys = poolDictionaryType.GetProperty(“Keys”, BindingFlags.Public | BindingFlags.Instance);

      object keys = pooledKeys.GetValue(dictPools, null);

      List allKeys = new List();
      foreach (object key in (IEnumerable)keys)
      allKeys.Add(key.ToString());
      return allKeys;
      }catch(Exception err)
      {
      throw err;
      }
      }

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *