I have some protection built into a client program that downloads a DLL from the Internet and calls a function inside that DLL. The DLL has strong identification, and the function in the DLL uses Assembly.GetCallingAssembly() to determine the calling assembly, so that I can accurately get the path to the program that called it. From there, we perform a hash check of the assembly and verify its correctness.
We have people who are connected in full trust mode and can trick the GetCallingAssembly call to point to the real executable file while they are running the modified version. Is there anything else besides GetCallingAssembly that I can use to get a true caller? Some callstack or something that can provide a real executable, as GetCallingAssembly seems to be easily faked.
willthiswork89
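The check described in the question, as an added sketch that is not part of the original post or the poster's code: the class and method names, the use of SHA-256 and the expected-hash placeholder are all assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Security.Cryptography;

// Hypothetical names; the post does not show its own implementation.
public static class CallerCheck
{
    // Placeholder for the hex-encoded hash of the released client executable.
    // The post does not name a hash algorithm; SHA-256 is assumed here.
    private const string ExpectedSha256 = "<EXPECTED-SHA256-HEX>";

    // NoInlining keeps this method's own stack frame. If the JIT inlines the
    // method that calls GetCallingAssembly, the reported assembly can change.
    [MethodImpl(MethodImplOptions.NoInlining)]
    public static bool VerifyCaller()
    {
        Assembly caller = Assembly.GetCallingAssembly();

        // Location is an empty string when the assembly has no backing file,
        // so there is nothing to hash: fail closed.
        string path = caller.Location;
        if (string.IsNullOrEmpty(path) || !File.Exists(path))
        {
            return false;
        }

        using (SHA256 sha = SHA256.Create())
        using (FileStream stream = File.OpenRead(path))
        {
            // This hashes the file found at the reported path. The result
            // describes that file on disk, which is all the check can see.
            string actual = BitConverter.ToString(sha.ComputeHash(stream))
                                        .Replace("-", string.Empty);
            return string.Equals(actual, ExpectedSha256,
                                 StringComparison.OrdinalIgnoreCase);
        }
    }
}
```

The result is only as trustworthy as the process it runs in: the check executes on the client, under the same full-trust conditions the question describes.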