CODEWITHSUNDEEP
.net
John MacIntyre
John MacIntyre

Reputation: 13021

How to determine if a .NET dll is legitimately from Microsoft?

I suspect an asp.net mvc dll we're using has been modified because:

  1. There is no matching symbolic information on the Microsoft Symbol Servers.
  2. The dll in question is not strong named.

How can I confirm conclusively whether or not a dll is indeed from Microsoft and not changed?

PS - I realize this sounds like a security question, and it's definitely valid in that context, but my intent is to find out if my predecessors included all the code I need to maintain the project.

Upvotes: 2

Views: 234

Answers (2)

Peter Ritchie
Peter Ritchie

Reputation: 35881

"%ProgramFiles%\Microsoft SDKs\Windows\v6.0A\bin\sn.exe" -T

for example:

"C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin\sn.exe" -T c:\Windows\Microsoft.NET\Framework\v4.0.30319\system.xml.dll

Compare the outputted public key token with the expected public key token.

For what it's worth, if you reference a strong named DLL, it will always only load the DLL with the same strong name (you can get around different versions, but that's a separate topic). you can verify the correct (legitimate) DLL is being used by looking at the source of your csproj file to make sure the legitimate public key token is being used.

Upvotes: 4

Patrick D'Souza
Patrick D'Souza

Reputation: 3573

If a assembly is digitally signed then you can be sure of its owner. They say that a picture is worth a thousand words, so here goes...

Select the assembly is question and view its properties as per the image below

enter image description here

enter image description here

Upvotes: 2

Related Questions