.NET Binary Serialization Metadata

A week ago, I was in a situation where I had to read a binary serialized object made by another application made by someone else. I only had the someSerializedData.bin file, so I tried to manually recreate the class definition for an unknown object, and I was able to do this because of the metadata in the serialized file. Oddly enough, I could not find any tool on Google.

Q1: Why is there no tool that recreates a class definition from a binary serialized file / data?

And that leads to my second question:

Q2: Is there such a case when it is impossible to restore the class definition from serialized data? (Assuming it isn't encrypted or messed up in any way, I'm interested in cases related to the "standard" .NET Binaryserializer properties to disable type information and metadata)

+6
4 answers

The reason that no tool exists is because creating a type that only contains data is often not enough. Methods are often as important as data, especially with properties that don't just set their private variables. No one knows what these methods are.

With that said, it might be useful to have a tool that is at least capable of generating a type for storing data. Maybe you will be the first to create such a tool?

+1

It is not possible to deserialize binary data without knowing what is in it. The only way to do this is to serialize it, for example, using JSON or XML. Example to illustrate:

Your name "Casual" can be serialized as follows: 67,97,115,117,97,108. In case you have not noticed: this is done using ASCII encoding (if I am not mistaken). Now imagine that you do not know that this was done with ASCII. Who says that it is not just an array of numbers? Or 3 arrays of 2 numbers? Or an object with ID 67 and an object with ID 117? No one knows, so your task is impossible.

The only option is to communicate with the person who first serialized it, and ask how it is done and what objects are serialized in this binary object.

Yours faithfully

+2

Q1: Why is there no tool that recreates a class definition from a binary serialized file / data?

I assume that very few people need it. To begin with, binary serialization is not as popular as XML, JSON, and other formats that are standardized and supported almost anywhere.

There is no documentation of the binary format. To understand it, you need to delve into the sources of the .NET Framework. This is not fun.

Q2: Is there such a case when it is impossible to restore the class definition from serialized data?

It appears that the binary format contains enough data. If you absolutely need a tool to reverse-engineer the source classes and their fields from serialized files, you can start by reading the sources of System.Runtime.Serialization.Formatters.Binary.BinaryFormatter, System.Runtime.Serialization.Formatters.Binary.ObjectReader and other classes from mscorlib.

However, if the application that created the files is not obfuscated, I suggest decompiling it first. Most likely, it will be much easier.

PS Remember to consult your lawyer.

+2
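As an added illustration (not code from any poster in this thread), the sketch below reads the type metadata of the first class record in a BinaryFormatter stream without calling BinaryFormatter or deserializing any object. The record layout follows Microsoft's published MS-NRBF specification; the class `Demo.Person`, the library `DemoApp` and the sample bytes are constructed, and only the first class definition is handled.

```python
# BinaryTypeEnumeration / PrimitiveTypeEnumeration names (MS-NRBF), indexed by value.
BINARY_TYPES = "Primitive String Object SystemClass Class ObjectArray StringArray PrimitiveArray".split()
PRIMITIVES = ("- Boolean Byte Char - Decimal Double Int16 Int32 Int64 SByte Single "
              "TimeSpan DateTime UInt16 UInt32 UInt64 Null String").split()

class Reader:
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        if not 0 <= n <= len(self.data) - self.pos:
            raise ValueError("truncated or malformed stream")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def int32(self):
        return int.from_bytes(self.take(4), "little", signed=True)
    def string(self):  # LengthPrefixedString: 7-bit encoded length, then UTF-8
        length, shift, b = 0, 0, 0x80
        while b & 0x80:
            b = self.take(1)[0]
            length |= (b & 0x7F) << shift
            shift += 7
        return self.take(length).decode("utf-8")

def read_class_definition(data):  # -> (class name, library, [(member, type), ...])
    r, libraries = Reader(data), {}
    if r.take(17)[0] != 0:  # SerializationHeaderRecord: type byte + four int32
        raise ValueError("not a BinaryFormatter stream")
    while (rec := r.take(1)[0]) == 12:  # BinaryLibrary: LibraryId, LibraryName
        lib_id = r.int32()
        libraries[lib_id] = r.string()
    if rec not in (4, 5):  # SystemClassWithMembersAndTypes / ClassWithMembersAndTypes
        raise ValueError(f"unsupported record type {rec}")
    _, name = r.int32(), r.string()  # ObjectId, Name
    members = [r.string() for _ in range(r.int32())]
    types = []
    for kind in [r.take(1)[0] for _ in members]:  # BinaryTypeEnums, then AdditionalInfos
        if kind in (0, 7):  # Primitive / PrimitiveArray carry a PrimitiveTypeEnum
            types.append(PRIMITIVES[r.take(1)[0]] + "[]" * (kind == 7))
        elif kind in (3, 4):  # SystemClass / Class carry a type name
            types.append(r.string())
            r.take(4 if kind == 4 else 0)  # Class also carries a LibraryId
        else:
            types.append(BINARY_TYPES[kind])
    library = libraries.get(r.int32()) if rec == 5 else None
    return name, library, list(zip(members, types))

# Constructed sample: header, one library, one class record (member values omitted).
SAMPLE = (b"\x00\x01\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00\x00\x00\x00\x00"
          b"\x0c\x02\x00\x00\x00\x07DemoApp\x05\x01\x00\x00\x00\x0bDemo.Person"
          b"\x02\x00\x00\x00\x04name\x03age\x01\x00\x08\x02\x00\x00\x00")
```

Calling `read_class_definition(SAMPLE)` returns the class name, its library and the member list; nested object graphs need the remaining record types, which this sketch does not walk.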

I'm not sure if the metadata has enough information to re-create the type. Imagine complex (as nested) graphs of objects. In your previous question there were problems with member types (String vs int).

As for your second question, I'm not sure what you are trying to achieve. I'm not sure that you can use BinaryFormatter to output data in a way that is not so easy to rebuild, but other methods should be simple to implement.

+1

Source: https://habr.com/ru/post/951747/

