One of the best features of the .NET runtime is its in-built ability to call native code, whether that’s APIs exposed from dynamic libraries or remote COM objects. Adding this in-built functionality to an “type-safe” runtime has its drawbacks, not the least the introduction of security issues due to misuse. This presentation will go into depth on how the .NET runtime implements its various interop features, where the bodies are buried and how to use that to find issues ranging from novel code execution mechanisms, elevation of privilege up to remote code execution. The presentation will assume the attendee has some familiarity with .NET and how the runtime executes code.