Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is it possible to write malware that runs on .NET?

I've heard of security features in the framework and the BCL, but does this have anything to do with preventing malicious programmers from writing harmful software, or preventing malware from running on the CLR? For example, is it possible to write a program in C# that makes harmful changes to the Windows folder?

like image 250
Steven DeWitt Avatar asked Dec 17 '22 09:12

Steven DeWitt


2 Answers

Absolutely, especially if that application is given a high amount of trust. That's what the trust levels in .NET do.

Check out the article on Code Access Security on MSDN for more information.

Also check out Keith Brown's excellent book on .NET Security, which you can read online.

like image 101
Dave Markle Avatar answered Dec 24 '22 02:12

Dave Markle


It certainly is. Previous job we created a windows forms interface for a a few beckhoff plc controllers. On of my collegues managed to kill one of the windows servers with the help of WCF and some seriously bad coding or it could be beckhoffs fault.

That can be what you get for running an application with full rights.

like image 24
mhenrixon Avatar answered Dec 24 '22 00:12

mhenrixon