Các mã thông báo sẽ cung cấp cho các ứng dụng một tham số không thể đoán trước và duy nhất đó là cụ thể, làm cho cấu trúc điều khiển của ứng dụng khác nhau trên khắp người sử dụng. Hành vi này làm cho cấu trúc điều khiển không thể đoán trước cho kẻ tấn công, | 114 Hacking Exposed Web Microsoft developed the .Net platform as a competitor to Sun Microsystems Java language and SDK. The .Net Framework allows developers to work within a controlled environment that handles memory management and object lifetime management and it provides a framework for developers to develop web server and client applications. .Net provides support for multiple languages including C Visual and Managed C the web application platform and broad class libraries. Code written in a .Net language does not run directly on the machine but is instead executed by the Common Language Runtime CLR . The CLR provides memory and object management functions in addition to abstracting away the underlying platform. By providing this layer of abstraction .Net code is able to run on multiple operating systems and processor architectures while preventing vulnerabilities such as buffer overflows integer overflows and format string vulnerabilities traditionally related to poor memory management. Code written to use the CLR is commonly referred to as managed code while traditional code that runs outside of the CLR is referred to as native code. This vocabulary is derived from the fact that CLR code runs in a managed environment while other code runs natively on the machine s processor. Currently Microsoft ships a CLR implementation for Windows and Windows CE but the open source community has created the Mono implementation of the CLR. The Mono implementation of CLR is truly platform-independent and is capable of running on several operating systems including Linux Mac OS X and FreeBSD. The availability of Mono allows some .Net applications to be ported from Windows. At the time of this writing the most current version of the .Net Framework is . .Net is the fourth version of the .Net Framework and the third release of the CLR. Version of the .Net Framework was preceded by .Net and . The .Net Framework represented a small .