Hello,
I'd like to ask you to fully support ASLR protection on Windows, including for the DLL that Virtual Clone loads into Explorer.exe. It opens Explorer to attacks.
Thanks
What is ASLR?
Do you have a link which explains it?
ASLR moves executable images into random locations when a system boots, making it harder for exploit code to operate predictably.
Thanks, I'll forward this to the people in charge.
ASLR means Address Space Layout Randomization.
Source: http://msdn.microsoft.com/en-us/library/bb430720.aspx
I didn't verify if Virtual Clone supports DEP, but DEP and ASLR should be used together.
DEP is also mentioned in the same link.
More:
http://blogs.msdn.com/b/michael_how...ce-layout-randomization-in-windows-vista.aspx
http://msdn.microsoft.com/en-us/library/bb384887.aspx
I'm sure you'll find more info on both ASLR and DEP by searching the MSDN library.
Thanks
It's another useless Microsoft 'security' thing, and it's easy to get the addresses of DLLs etc. in a process without APIs; there are quite a few rootkits out there that do it. As for DEP, that's a joke too: there are at least two methods to backdoor it (i.e. get Windows to turn it off for the process, and it's easily visible in the code), and one API call to disable it in the current process or in another process.
Note that I am being deliberately vague and not going into details, but believe me.. ~snip~
Address Space Layout Randomization (ASLR). ASLR was first introduced in Windows Vista and works by randomly shuffling the location of most code and data in memory to block assumptions that the code and data are at the same address on all PCs. In Windows 8, Microsoft extended ASLR’s protection to more parts of Windows and introduced enhancements such as increased randomization that will break many known techniques for circumventing ASLR.
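Added example, not part of the original thread and not Virtual Clone's code: a DLL opts in to ASLR and DEP through flags in its PE header (set by the linker options /DYNAMICBASE and /NXCOMPAT), so whether a given DLL supports them can be checked by parsing that header. The function names and the sample header bytes below are constructed for this example.

```python
import struct

# Flag values from the Microsoft PE/COFF specification
IMAGE_FILE_RELOCS_STRIPPED = 0x0001   # COFF Characteristics
HIGH_ENTROPY_VA = 0x0020              # DllCharacteristics
DYNAMIC_BASE = 0x0040                 # DllCharacteristics (/DYNAMICBASE)
NX_COMPAT = 0x0100                    # DllCharacteristics (/NXCOMPAT)

def pe_mitigations(data: bytes) -> dict:
    """Report the ASLR/DEP opt-in state recorded in a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)      # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = pe_off + 4            # 20-byte COFF file header
    opt = coff + 20              # optional header follows it
    if len(data) < opt + 72:
        raise ValueError("truncated optional header")
    (file_chars,) = struct.unpack_from("<H", data, coff + 18)
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):                       # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)
    # An image with stripped relocations cannot be moved, flag or not
    aslr = bool(dll_chars & DYNAMIC_BASE) and not (file_chars & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "pe32_plus": magic == 0x20B,
        "aslr": aslr,
        "high_entropy_aslr": aslr and magic == 0x20B and bool(dll_chars & HIGH_ENTROPY_VA),
        "dep": bool(dll_chars & NX_COMPAT),
    }

def make_sample(dll_chars: int, file_chars: int = 0x2022, magic: int = 0x20B) -> bytes:
    """Constructed header-only blob for the demo (not a loadable DLL)."""
    buf = bytearray(0x80 + 4 + 20 + 72)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)               # e_lfanew -> 0x80
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x84 + 18, file_chars)
    struct.pack_into("<H", buf, 0x98, magic)
    struct.pack_into("<H", buf, 0x98 + 70, dll_chars)
    return bytes(buf)

if __name__ == "__main__":
    for label, blob in [("opted in", make_sample(0x0160)), ("legacy", make_sample(0))]:
        print(label, pe_mitigations(blob))
```

To check a real file, pass its bytes: `pe_mitigations(open(path, "rb").read())`.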