software development windows nutshell
Post on 20-May-2015
49 Views
Preview:
TRANSCRIPT
Software Development on Windows
in a mini-nutsehll
Himanshu Pareek
1
Agenda
2
Introduction
Write User Friendly Applications
Respect UAC
Use Application Verifier
Use Defense Offered by Visual Studio
Kernel Mode Programming – Rules
Developing on Windows
3
Windows SDK [Win32 API]
Windows Native API (System Calls) User Mode
Kernel Mode
Visual
Basic MFC JRE …
.NET
ASP
Windows Kernel DDI
Tools
4
• Use SDK and DDK Develop with Visual Studio
• Sysinternals Suite Analyze
• WinDbg
• Windows Application Verifier Debug
• Application Compatibility Toolkit Test
Compatibility
• MSI Project Package
Choose the right form for software
5
• Command Line Application
• GUI Application
• Service Executable
• Static [.lib]
• Dynamic [.dll] Library
Driver [.sys]
Choose the Right Place For Software
6
Application
System Libraries
More System Libraries
Kernel Interface
Kernel
User Mode
Kernel Mode
Choose the appropriate storage for
Application Data.
7
Registry {HKLM\Software\<>}
C:\Users\<User Name>\<.application
folder>
Create file system hierarchy under
installation Directory
?? C:\Program
Files\
Before you switch to 3rd Party Library
8
Security Related
CryptoAPI
WinTrust
Certificate Enrollment API
Process, Thread Related Information
PSAPI
Remote Management
Compression
Image Processing Libraries
……….
COM
WMI
Hungarian Coding Notation
9
Prefix Description
a Array
b Boolean
c char
szr Zero terminated string
m_ Data member of class
n Short Integer
cb Count of bytes
f flag
g_ Global
C Class
i Integer
Use Code Analysis
10
Kernel Mode Programming
Static Driver Verifier
whole driver analyzer
PREFast
per function analyzer
.NET
FxCop
Visual Studio Code Analysis
/analyze
Write Friendly Applications
11
Responsive GUI
Work with (not against)
Anti Virus
Firewall
Install should
BE Reversible
BE done to correct folder by default
COPY Digitally signed files & drivers
BE Secure By Default
Write Friendly Applications (2)
12
I. Adhere to Restart Manager Messages
II. Support Multiuser Sessions
III. Give a second thought to
I. Loading Services and Drivers in Safe Mode
II. Not supporting 64 bit Windows
User Account Control
13
Adjusting the permissions as per requirement
For Example Logged in as Administrator? Yes
Need Admin Privileges? No
Run as standard User
Windows Application Verifier
14
Heap Errors
Handle Errors
Lock Errors
Memory Errors
Thread Errors
File Path Errors
Install Kernel Mode Driver
Low Resource
Limited User Account Predictor
Dangerous APIs
Dirty Stacks
Defenses Offered by Visual Studio
Stack-based Buffer Overrun Detection (/GS)
Safe Exception Handling (/SafeSEH)
Data Execution Prevention (DEP) Compatibility (/NXCompat)
Image Randomization (/DynamicBase)
Automatic use of safer function calls #define _CRT_SECURE_CPP_OVERLOAD_STANDARD_NAMES 1
15
CERT Coding Standards
16
Be Specific When dynamically loading libraries
Don't forcibly terminate execution
Restrict privileges when spawning child process
Understand handle inheritance
Consider encrypting function pointers
Kernel Mode Programming
17
Directly reference user-mode memory? NO
Code executing at or above DISPATCH_LEVEL must not cause
page faults.
Allocations from the PagedPool must occur at an IRQL less than
DISPATCH_LEVEL. Allocations from the NonPagedPool must occur
at an IRQL less than or equal to DISPATCH_LEVEL.
Allocate non paged pool memory for long-term use at start-up
Use look aside lists
Kernel Mode Programming
18
Make sure that the subroutine that claims the lock releases it
never tries to claim it twice,
don’t call any other subroutine while you own the lock.
Use the IoGetStackLimits and IoGetRemainingStackSize routines
determine whether enough stack space remains to call a function to perform a
task and,
if not, queue the task to a work item.
top related