22 Jul 2011 @ 6:34 PM 

One of my friend and colleague was working on automating Microsoft Attack Surface Analyzer (not going to explain what it is or what it does) for some of the projects. There is nothing much to automate other than generating baseline/product cabs and generating reports. For generating cabs, one has to just run the command asa.exe and you have the cabs in position. But for making reports, one has to run “Attack Surface Analyzer.exe”, select the cabs and press “Generate” button. Not quite scriptable is it? Searched for documentation or any online help, but there was none. Well, it is time for a (very) little bit of reverse engineering πŸ˜€

Microsoft Attack Surface Analyzer

“Attack Surface Analyzer.exe” is a .NET exe. So let us fire up Reflector. Oops, we don’t have free version of Reflector these days (too bad Red Gate). Fortunately we have ILSpy :). Fire up ILSpy and load the exe.
ILSpy

ILSpy have already identified the entry point for us, just click there and we will end up in Main.

Well, game over!

For the sake of completeness, I am posting the command line parameters here.

“Attack Surface Analyzer.exe” /BASELINE “your_baseline.cab” /PRODUCT “your_product.cab” /REPORT “your_report_dir” /USEHTML

Not sure why it was not documented πŸ˜›

Posted By: Dan
Last Edit: 22 Jul 2011 @ 06:45 PM

EmailPermalink
Tags


 

Responses to this post » (None)

 
Post a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


 Last 50 Posts
Change Theme...
  • Users » 1
  • Posts/Pages » 19
  • Comments » 41
Change Theme...
  • VoidVoid « Default
  • LifeLife
  • EarthEarth
  • WindWind
  • WaterWater
  • FireFire
  • LightLight

About



    No Child Pages.