C Sharp Load Assembly From Untrusted Input
Description
Detects when C# code loads assemblies using Assembly.Load() with untrusted input, which could allow an attacker to load and execute malicious code. This is dangerous because loaded assemblies have full permissions to execute arbitrary code in the application's security context.
Detection Strategy
• Look for calls to System.Reflection.Assembly.Load or its variations (Assembly.Load, Reflection.Assembly.Load)
• Check if the argument passed to Load() contains or is derived from untrusted input (like user-provided data)
• Report a vulnerability if both conditions are met - Assembly.Load is called with an argument that can be controlled by untrusted sources
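The three checks above, carried out as an added example in Python (not Fluid Attacks' own rule implementation): a line-oriented scanner over C# source that treats method parameters as the untrusted input, propagates that taint through simple assignments, and reports Assembly.Load calls (in any of the listed spellings) whose argument is tainted. The regexes and the embedded C# sample are assumptions constructed for this demonstration.

```python
import re

# Call forms the rule looks for; the argument is captured as written (nested calls inside it are not matched)
LOAD_CALL = re.compile(r"\b(?:System\.)?(?:Reflection\.)?Assembly\.Load\s*\(([^()]*)\)")
# A method declaration line; group 1 is its parameter list, which the rule treats as untrusted input
METHOD_DECL = re.compile(r"^\s*(?:(?:public|private|protected|internal|static)\s+)*[\w\[\]<>]+\s+\w+\s*\(([^)]*)\)\s*$")
# `type name = expr;` or `name = expr;`
ASSIGN = re.compile(r"^\s*(?:[\w\[\]<>]+\s+)?(\w+)\s*=\s*(.+);\s*$")
IDENT = re.compile(r"\b[A-Za-z_]\w*\b")

def find_tainted_loads(source):
    """Return (line, argument) for every Assembly.Load whose argument is a method
    parameter or a local assigned from one (simple line-by-line taint tracking)."""
    findings = []
    tainted = set()
    for lineno, line in enumerate(source.splitlines(), start=1):
        decl = METHOD_DECL.match(line)
        if decl:  # new method: its parameters are the taint sources
            tainted = {p.split()[-1] for p in decl.group(1).split(",") if p.strip()}
            continue
        assign = ASSIGN.match(line)
        if assign:
            target, rhs = assign.groups()
            if set(IDENT.findall(rhs)) & tainted:
                tainted.add(target)      # taint propagates through the assignment
            else:
                tainted.discard(target)  # overwritten with data not derived from a parameter
        for call in LOAD_CALL.finditer(line):
            arg = call.group(1).strip()
            if set(IDENT.findall(arg)) & tainted:
                findings.append((lineno, arg))
    return findings

# Constructed C# sample: a direct use, a use derived through an assignment, and a constant (not reported)
SAMPLE = """\
public void Direct(string userInput)
{
    Assembly assembly = Assembly.Load(userInput);
}
public void Derived(string encoded)
{
    byte[] raw = Convert.FromBase64String(encoded);
    System.Reflection.Assembly.Load(raw);
}
public void Constant(string unused)
{
    string name = "System.Xml";
    Reflection.Assembly.Load(name);
}
"""
```

Running `find_tainted_loads(SAMPLE)` reports lines 3 and 8 and stays silent on the constant name in `Constant`, which is the distinction the second bullet asks for.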
Vulnerable code example
using System;
using System.Reflection;
public class UnsafeReflection
{
    public void LoadAssembly(string userInput)
    {
        // Vulnerable: directly loading an assembly whose name comes from user input
        Assembly assembly = Assembly.Load(userInput);
    }
}
✅ Secure code example
using System;
using System.Reflection;
using System.Security.Cryptography;
using System.Collections.Generic;
public class SafeReflection
{
    // Whitelist of allowed assembly names and their expected SHA-256 hashes (placeholder value; pin the real hash here)
    private static readonly Dictionary<string, string> Allowed = new() { { "TrustedPlugin", "<SHA-256 HEX OF TRUSTED PLUGIN>" } };
    public Assembly LoadAssembly(string name, byte[] bytes)
    {
        if (!Allowed.TryGetValue(name, out var expected) || !Convert.ToHexString(SHA256.HashData(bytes)).Equals(expected, StringComparison.OrdinalIgnoreCase)) throw new InvalidOperationException("Assembly is not whitelisted or its hash does not match");
        return Assembly.Load(bytes); // Reached only for a whitelisted name whose bytes match the pinned hash
    }
}