I saw a couple of post(this post specifically) talking about using peverify.exe to check whether the .net exe(or dll) contains unsafe code. But no matter what I do I keep getting File not found or has bad headers error.
Here are my steps -
peverify <complete path of the dll or exe>I keep getting File not found or has bad headers error. This should be simple yet there is something I am missing?
Other attempts with different command with same result is as follows
PEVerify is for the "old" Windows-specific .NET Framework. A newer tool was created for .NET 5+ and .NET Core (although it also works with the old .NET Framework), ILVerify.
To install and run (copying from the README, so this information is here instead of susceptible to link rot):
ILVerify is published as a global tool package. Install it by running:
dotnet tool install --global dotnet-ilverifyExample of use:
C:\test>dotnet ilverify hello.dll -r "c:\Program Files\dotnet\shared\Microsoft.NETCore.App\2.1.12\*.dll" All Classes and Methods in C:\test\hello.dll Verified.Note that ILVerify requires all dependencies of assembly that is being verified to be explicitly specified on the command line.
The package itself is dotnet-ilverify on NuGet.org (here).