software

v6.5.0 : dnSpy Version 6.5.0 – New Features, Improvements, And Bug Fixes

In this update, dnSpy introduces a host of new features, enhancements, and bug fixes, making it a more powerful and efficient .NET debugger and decompiler. From support for .NET 8 and C# ref types to improved debugger capabilities and performance optimizations, let’s dive into the exciting changes brought by dnSpy v6.5.0.

New Features

  • dnSpy now runs on .NET 8 and .NET Framework 4.8.
  • dnSpy now handles TypeRef rows with a ResolutionScope of 0 in the same way as the CLR rather than following the ECMA specification.
  • The low-level metadata editor is now aware of the implications of the #JTD metadata stream being present.
  • Enable Windows targetting in project files to allow compiling on other platforms (Note: dnSpy will still only run on Windows due to the WPF dependency)
  • Added binding redirects for various common assemblies with frequent version bumps to make extensions compiled for older versions load more seamlessly.
  • Added support for new resource serialization formats added as part of System.Resources.Extensions
  • Added a new, opt-out, update checker which runs on startup and will display an update notification in a new information bar component.
  • C# Interactive now references additional libraries giving access to newer features like Span<T> or immutable collections.
  • Enabled Server and concurrent GC as well as RDP hardware acceleration in the .NET 8 builds
  • ILSpy Decompiler:
    • Added support for C# ref types to the decompiler – ref types are now correctly decompiled into the proper C# syntax instead of being decompiled into pointer types.
    • Added support for C# function pointers to the decompiler – Function pointers are now correctly represented using the C# syntax rather than simple types of name method
  • Debugger
    • The debugger now supports displaying tuple element names, dynamic types, and native integer types defined in custom attributes.
    • The debugger expression evaluator now includes support for tuple element names and dynamic types.
    • Debugger tool windows now use the correct C# 9 function pointer syntax as well as the correct ref type syntax.
    • Display a message dialog when valid metadata cannot be obtained when executing the Open module from memory command.
    • Added an additional option to the .NET Framework start debugging dialog to override the CLR version to use for debugging purposes. This can be helpful for files that use obfuscated native loaders when dnSpy can’t automatically detect the correct CLR version.

Improvements And Bug Fixes

  • Fixed loading XML documentation for System.Private.CoreLib.dll.
  • Improve the method overridden by analyzer to take into account explicit overrides in the metadata.
  • Minor improvements to the low-level metadata table editor.
  • Improve dependency assembly resolution for cases where .NET Core/.NET 5+ or .NET Framework 2.0 might not be installed.
  • Improve performance of members overridden by analyzers.
  • Prevent the dependency assembly resolver from performing IO calls on assembly references with invalid file names.
  • Minor improvements to the member analyzer to reduce false positives.
  • Fixed some null reference errors that could occur when deleting a member or type that was still referenced in a module.
  • Improve assembly resolution performance when the module list is frozen (this is a backend change, no behavioral changes will be observable)
  • Updated Chinese translations.
  • Debugger:
    • Fixed some cases where expressions generated for the expression evaluator were missing parenthesis leading to errors.
    • Improve formatting of multi-dimensional array types in the local, watch, and autos windows.
    • Extend the breakpoint filter expression evaluator to allow for more complicated expressions.
    • Fixed a bug that caused the Raw Locals view to fail when the assembly referenced multiple core libraries.
    • Improve handling of dynamic types in Raw Locals display mode.
    • Extend support for attaching to Unity processes (by @rigdern)
    • Gracefully handle the case when the CorDebug IMetaDataImport interface cannot be obtained for a given module.
    • Improve the accuracy of the Break on entry point and break on module constructor feature for single file bundle debugging.
  • ILSpy Decompiler:
    • Usual round of optimizations and performance improvements.
    • Fixed incorrect methodof decompilation for ldtoken of a method.
    • Corrected expected prefixes on call and ldftn instructions.
    • Improve ambiguous type name analysis to include namespace names as ambiguous identifiers.
    • Improve IL disassembler display of function pointer types.
    • Improve decompilation of array access through special methods defined on array signatures.
  • BAML decompiler:
    • Improve decompilation and detection of BAML connection ID mappings found in method bodies.
    • Improve behavior when member and type references cannot be resolved to the declaring definitions due to missing dependencies.
    • Added support for specially declared BAML attributes – xml:lang and xml:space are now properly decompiled on all occasions.
    • Avoid outputting invalid identifier characters by ensuring all identifiers are escaped before being written to the output.
    • Fixed a crash in the BAML decompiler which could occur when assembly references were missing.

Dependency Updates

  • Updated dnlib to 4.4.0
  • Updated Iced to 1.21.0
  • Updated Rosyn compiler to 4.8.0
  • Updated VS MEF to 17.7.26
  • Updated NuGet.Configuration to 6.8.0
  • Updated dbgshim.dll component to the .NET 8 version

New Contributors

Full Changelogv6.4.1…v6.5.0

SHA-256 hashes:
dnSpy-net-win32.zipacb63b4e3ea68e1931497ca74897176e712731e3840c73dfc8c1b9986fb240ab
dnSpy-net-win64.zip43d68dcfe37c441b7fbd46f032a7e8e94f198d83df3578fb316e58bd1c8f0595
dnSpy-netframework.zip5962e3cca902e650c61050e2a879af58b78eec91288b7a7b77a7bc761424a0ed

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Recent Posts

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

4 hours ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

4 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

4 weeks ago