Application Security Testing: An Integral Part of DevOps
We all have seen the dreaded 'Blue screens of death.' These screens actually create dump files on the PC, as a .dmp file, as to where a problem in a certain program occurred. There are also situations where an application simply hangs and hangs; having some sort of dumped data in these situations can be very helpful. Today, you will create a dumping process.
What Is a Dump File?
A dump file is a snapshot of an application. This file shows the following information:
- The process that was executing
- What modules were loaded
- What was in the application's memory if the file was saved with heap information
You can open a dump file in Visual Studio in which you can then examine threads, stacks, and variable values of the application at the time the dump occurred.
Types of Dump Files
There are only two types of dump files:
- Dump files with heaps: These files contain all possible information pertaining to the application at the time the snapshot was taken. This information includes the variable values, stack information, and the running modules.
- Dump files without heaps: These files are much smaller than files that contain heaps because they basically only contain the stack variable values at the time the dump file was created.
Now that you have an idea of what dump files are, let's do a program. Open Visual Basic and create a new Windows Forms project. Once the design view is shown, add one button to your form.
Because you will be dealing with system information, you will need to use system APIs to create a dump process. If you do not know about APIs, please read through this article.
Add the necessary Namespaces:
Imports System.Diagnostics Imports System.IO Imports System.Runtime.InteropServices
Add the MiniDumpWriteDump API declaration:
<DllImport("dbghelp.dll")> _ Private Shared Function MiniDumpWriteDump(ByVal hProcess As IntPtr, _ ByVal ProcessId As Int32, _ ByVal hFile As IntPtr, _ ByVal DumpType As MINIDUMP_TYPE, _ ByVal ExceptionParam As IntPtr, _ ByVal UserStreamParam As IntPtr, _ ByVal CallackParam As IntPtr) As Boolean End Function
Here is more information on the MiniDumpWriteDump API,
Add the necessary settings for the MiniDumpWriteDump API:
Enum MINIDUMP_TYPE DumpNormal = 0 DumpWithDataSegs = 1 DumpWithFullMemory = 2 DumpWithHandleData = 4 DumpFilterMemory = 8 DumpScanMemory = 10 DumpWithUnloadedModules = 20 DumpWithIndirectlyReferencedMemory = 40 DumpFilterModulePaths = 80 DumpWithProcessThreadData = 100 DumpWithPrivateReadWriteMemory = 200 DumpWithoutOptionalData = 400 DumpWithFullMemoryInfo = 800 DumpWithThreadInfo = 1000 DumpWithCodeSegs = 2000 End Enum
Here is more information on the MINIDUMP_Type enumeration.
Add the code that will be responsible for creating the dump file:
Private Sub DumpFile(ByVal strDumpFile As String) 'Create An IO Stream Dim ioDumpFile As IO.FileStream = Nothing 'Check Existance If (IO.File.Exists(strDumpFile)) Then ioDumpFile = IO.File.Open(strDumpFile, IO.FileMode.Append) Else ioDumpFile = IO.File.Create(strDumpFile) End If 'Get Current Process Dim ProcToDump As Process = Process.GetCurrentProcess() 'Get And Write Dump Info MiniDumpWriteDump(ProcToDump.Handle, _ ProcToDump.Id, _ ioDumpFile.SafeFileHandle.DangerousGetHandle(), _ MINIDUMP_TYPE.DumpNormal, _ IntPtr.Zero, _ IntPtr.Zero, _ IntPtr.Zero) ioDumpFile.Close() End Sub
This code simply checks to see whether the specified dump file exists. It gets the current running process and creates the dump file. Add the call to the preceding procedure when the button is clicked:
Private Sub Button1_Click(ByVal sender As System.Object, _ ByVal e As System.EventArgs) Handles Button1.Click 'Call Sub To Write Dump Info 'Into C:\Dumped.txt DumpFile("C:\Dumped.txt") End Sub
Creating dump files allows you to investigate what went wrong in your application.