PDA

View Full Version : .net makes me sick..how about you?


BanMe
September 14th, 2009, 22:33
This is the output of one of the 'solutions' I have been developing for the Binary auditing learning course..Its a simple Console..but it still loads all of this crap.

Code:
'PHOfCoffee.exe': Loaded 'C:\Documents and Settings\Visual Studio 2005\Projects\BinaryAuditor\PHOfCoffee\PHOfCoffee\Debug\PHOfCoffee.exe', Symbols loaded.
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\ntdll.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\kernel32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_d014c028\msvcp80d.dll', Symbols loaded.
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\WinSxS\x86_Microsoft.VC80.DebugCRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_d014c028\msvcr80d.dll', Symbols loaded.
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\msvcrt.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\comdlg32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\advapi32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\rpcrt4.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\secur32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\comctl32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\gdi32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\user32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\shell32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\shlwapi.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\imm32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\msctf.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\version.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Unloaded 'C:\WINDOWS\system32\version.dll'
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\msctfime.ime', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\ole32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\apphelp.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\clbcatq.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\comres.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\oleaut32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\version.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\cscui.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\cscdll.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Unloaded 'C:\WINDOWS\system32\cscui.dll'
'PHOfCoffee.exe': Unloaded 'C:\WINDOWS\system32\cscdll.dll'
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\browseui.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\setupapi.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\ntshrui.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\atl.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\netapi32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\userenv.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\uxtheme.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\shdocvw.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\crypt32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\msasn1.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\cryptui.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\wininet.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\normaliz.dll', No symbols loaded.
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\urlmon.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\iertutil.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\wintrust.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\imagehlp.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\wldap32.dll', Symbols loaded (source information stripped).
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\riched20.dll', No symbols loaded.
'PHOfCoffee.exe': Unloaded 'C:\WINDOWS\system32\riched20.dll'
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\system32\xpsp2res.dll', Binary was not built with debug information.
'PHOfCoffee.exe': Loaded 'C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll', No symbols loaded.
'PHOfCoffee.exe': Loaded 'C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll', Symbols loaded.
'PHOfCoffee.exe': Unloaded 'C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll'
'PHOfCoffee.exe': Unloaded 'C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll'
The program '[360] PHOfCoffee.exe: Native' has exited with code 0 (0x0).


..the code for this is still incomplete. But wtf!!! does all this shit need to be loaded?! this is truely disgusting..this should not be..I remeber when i first started developing with asm..I was happy to see 5 or 6 dll loaded along with user32..now..its like the .NET framework just 'piles' them on with security in 'mind'.. the idea that computers and the memory available on these computers is increasing all the time, does not mean that anyone,especially microsoft should just use as much as possible.. I think this is a excellent tactic to 'force' customers to update the hardware of there systems..but this is hard to prove as all this comes in the guise of 'more secure' and more innovative.. I also think .NET is only another incarnation of microsofts old security measure 'security through obscurity',but more targeted towards abstracting away the knowledge of developers of the true internal workings of the system..and all this packaged into a ready to use 'framework' that people 'will' use,because its ease of use..lol fuck that, and fuck you microsoft for releasing something like that.. :P

disavowed
September 14th, 2009, 23:52
Quote:
.net makes me sick..how about you?

The DLLs you pasted above are not .NET DLLs; they're unmanaged/native DLLs.

Quote:
This is the output of one of the 'solutions' I have been developing for the Binary auditing learning course

Why are you blaming others for the fact that code you're developing is importing a lot of DLLs? It's your code! If you don't want it to import so many DLLs, change your code. Stop playing the victim.

Quote:
computers and the memory available on these computers is increasing all the time, does not mean that anyone,especially microsoft should just use as much as possible

Your assumption that each one of these DLLs takes up extra memory is wrong. For the most part, Windows uses copy-on-write for DLLs, so as long as some other process is using these DLLs (and you can be pretty sure that's the case), the fact is that none of these DLLs in your process are really taking up any extra space.

Quote:
I also think .NET is only another incarnation of microsofts old security measure 'security through obscurity'

What the fuck are you talking about? Microsoft made the entire .NET framework open source. There is no obscurity.
See here for details: http://weblogs.asp.net/scottgu/archive/2008/01/16/net-framework-library-source-code-now-available.aspx
See here for download: http://referencesource.microsoft.com/netframework.aspx

I'm am getting sick and tired of you spreading confusion on this message board.

evaluator
September 15th, 2009, 01:05
but on other hand.. disavowed, how are you SURE, he links to these DLLs!?

BanMe
September 15th, 2009, 01:35
hmm the code I 'had' only imported kernel32 and ntdll, before i added the 1 function: GetOpenFileName..which is exported by CommDlg32..but importing that 1 fucking dll opened the door for all the app_init dlls, thanks to user32(not .NET obviously)..then i decided to use a CRT or CLR ap _wsplitpath.(thats .NET in my book,maybe I am wrong,but they both suck as far as I am concerned) This 1 api led to the loading of all the rest..which is what i was complaining about..but nice argument none the less.

"you can be pretty sure that is the case"...

I run a minimalist style environment at least when im on the computer..and I like developing minimalist style applications only importing and using the API's and dll's that are necessary for accomplishing the task required.I dont like it when it takes more then 5seconds to load a application that not 5 minutes before ran almost instantly..

you missed the point almost completely as to how I think the .NET framework detracts from the knowledge attained by doing things in C/C++ or asm or even VB for that matter..But thats fucking awesome that .NET is opensource..I didn't know that..

I still think .NET adds a layer of obscurity and 'prebuilt' fruityness that I for one don't like..but hey you can enjoy the fruit all you want..

evaluator
September 15th, 2009, 01:44
heeey!
BanMe, how about DELeteing that harmful DLLs!!!??? (joke)

but on other hand, maybe all that trash come from DEBUG-build!?

BanMe
September 15th, 2009, 10:49
hmm, maybe I should be developing in release mode anyway..thanks for the advice.

rendari
September 15th, 2009, 12:47
I remember when I was writing those .NET papers, I had a .NET app opened in Olly for unpacking. In the .NET app I clicked a button and initiated an OpenFileDialog. While the dialog was open, I noticed in my module window of Olly that .NET would continuously load and unload 8 DLLs in a loop. It was funny, because the module window was continuously going up and down. I didn't look into it more than that, but that incident didn't really bolster my opinion of .NET.

disavowed
September 15th, 2009, 14:51
Quote:
[Originally Posted by BanMe;82968]then i decided to use a CRT or CLR ap _wsplitpath.(thats .NET in my book,maybe I am wrong,but they both suck as far as I am concerned)

I'm not sure why you consider that to be related in any way to .NET since it's a CRT function. If you want to use that function and don't want your process to load CRT DLLs, then you should be linking the CRT libraries statically, not dynamically.

Quote:
you missed the point almost completely as to how I think the .NET framework detracts from the knowledge attained by doing things in C/C++ or asm or even VB for that matter

Yes, and the same could be said about C/C++ vs. assembly language. Though C/C++ is usually better to use than assembly language (in terms of time-to-implement), sometimes assembly language is the right choice. And likewise, though C# is often better to use than C/C++ (in terms of time-to-implement), sometimes C/C++ is the right choice. It's a trade-off of rapid-development vs. low-level control.

Quote:
I still think .NET adds a layer of obscurity and 'prebuilt' fruityness that I for one don't like..but hey you can enjoy the fruit all you want..

What you call "obscurity" is really "abstraction". Many developers like to program for the Windows OS because they can for example use API functions to access files, instead of writing low-level I/O code to talk to the hard drive directly. This is a *good* thing, since most developers don't need to talk to the hard drive directly. And much like C/C++ offers abstraction over assembly language, C# offers an ever higher level abstraction. It's great if you don't need access to the low-level details, and the truth is, that makes it very useful for most developers.

Keep in mind, we are the minority. Companies like Microsoft cater to the majority, as well they should since their purpose is to make money for their investors. That's how a corporation works

evaluator
September 15th, 2009, 15:30
yaa. 2+25 DLLs are loaded for only GetOpenFileName API call.