Thursday, September 19, 2013

Windows Image File Execution - Hooking into application launch

The Image File Execution setting in registry is mostly used to attach debugger to a process. It is mainly used for debugging services. A normal use case is to attach a debugger when a service or process starts up. In such a case when you cannot control the service\process startup e.g. through commandline then you can use the Image File Execution option. With this option you specify that when a particular exe e.g. myapp.exe is executed then the call should come to your application first (which normally is a debugger) and your application or debugger can then execute the original application with required paramaters.

Reference: How to: Launch the Debugger Automatically

Sometimes, you may need to debug the startup code for an application that is launched by another process. Examples include services and custom setup actions. In these scenarios, you can have the debugger launch and automatically attach when your application starts.

To setup an application to launch the debugger automatically

  1. Start the Registry Editor (regedit).
  2. In the Registry Editor, open the HKEY_LOCAL_MACHINE folder.
  3. Navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\currentversion\image file execution options.
  4. In the Image File Execution Options folder, locate the name of the application you want to debug, such as myapp.exe. If you cannot find the application you want to debug:
    1. Right-click the Image File Execution Options folder, and on the shortcut menu, click New Key.
    2. Right-click the new key, and on the shortcut menu, click Rename.
    3. Edit the key name to the name of your application; myapp.exe, in this example.
  5. Right-click the myapp.exe folder, and on the shortcut menu, click New String Value.
  6. Right-click the new string value, and on the shortcut menu, click Rename.
  7. Change the name to debugger.
  8. Right-click the new string value, and on the shortcut menu, click Modify.
    The Edit String dialog box appears.
  9. In the Value data box, type vsjitdebugger.exe.
  10. Click OK.
  11. From the Registry menu, click Exit.
  12. The directory containing vsjitdebugger.exe must be in your system path. To add it to the system path, follow these steps:
    1. Open the Control Panel in Classic view, and double-click System.
    2. Click Advanced System Settings.
    3. In System Properties, click the Advanced tab.
    4. On the Advanced tab, click Environment Variables.
    5. In the Environment Variables dialog box, under System variables, select Path, then click the Edit button.
    6. In the Edit System Variable dialog box, add the directory to the Variable value text box. Use a semicolon to separate it from other entries in the list.
    7. Click OK to close the Edit System Variable dialog box.
    8. Click OK to close the Environment Variables dialog box.
    9. Click OK to close the System Properties dialog box.
    Now, use any method to start your application. Visual Studio will start and load the application.








Monday, May 28, 2012

Federated Security

Say there are two organizations A and B. Users in A needs to access a web service in B. How does the web service in B authenticate users in A? One way is to create user database in B. This means users in A needs to have  two credentials one for access resources in A and other for accessing resources in B.
Federated Security solves this use case where there is no need to create two credentials for a user. When a request from a user in A comes to web service in B then that user is not authenticated by B but the authentication requested is routed to A.

Read:
A Developer's Introduction To Active Directory Federation Services




Wednesday, April 11, 2012

Sunday, April 25, 2010

.Net static constructors

Following are some links related to static constructor and beforeFieldInit flag
Following are some key points:
  • If your class does not have a static constructor and has static fields then the class is marked with 'beforefieldinit' attribute
    • This means that the static fields will be initialized any time before any static method or instance method is accessed e.g. if you put a code in a method say Method1() which access a static variable from above class then your static variable can be initialized as soon as you enter Method1(). (This is an example and based on my observation. As per documentation the initializer for static variable can be called at assembly load also or not at all)
  • If your class has a static constructor and has static fields then the class is not marked with 'beforefieldinit' attribute.
    • This means that the static ctor will be called before any static or instance field is accessed. This means compiler puts a check before every call of the class to check if static ctor is called which is expensive. Also, with this in the previous example the static variable will not be initialized as soon as you enter Method1() but it will be initialized on first call.
Let's check the output with and without static constructor foe following class:

    public class MyClass
    {
        public static string Variable01 = GetVariableValue();

        /*
        static MyClass()
        {
            Console.WriteLine("MyClass static ctor called...");
        }*/

        private static string GetVariableValue()
        {
            Console.WriteLine("MyClass.GetVariableValue called...");

            return "Variable1 value";
        }
    }


The method which calls the above class is as follows:
        private static void StaticTest()
        {
            Console.WriteLine("StaticTest called...");

            Console.WriteLine("MyClass.Variable01 = [{0}]", MyClass.Variable01);
        }


Without static constructor the output is as follows:


MyClass.GetVariableValue called...
StaticTest called...
MyClass.Variable01 = [Variable1 value]


Note that the static variable is initialized as soon as you enter the method i.e. "MyClass.GetVariableValue called..." is before "StaticTest called..."

If you use static constructor then the output is as follows:

StaticTest called...
MyClass.GetVariableValue called...
MyClass static ctor called...
MyClass.Variable01 = [Variable1 value]



Here the "StaticTest called..." is displayed first then the static variable initializer is called and then static ctor.

To conclude: Without static ctor your static variables are initialized before any calls to static or instance methods. But you won't get lazy initialization. with static ctor you get lazy initialization but since compiler puts a check the calls are expensive.

Friday, March 5, 2010

Alternate data streams in Windows

Following article describes the alternate data stream in windows:
http://support.microsoft.com/kb/105763

Following is the way to create and verify it:
  • On command prompt type:
    • echo this is alternate stream > c:\alternate.txt:alternate
  • To view use one of the following:
    • type c:\alternate.txt:alternate
    • more < c:\alternate.txt:alternate