|
@wdormann | |||||
|
Since this doesn't seem to be a thing, I've created a rudimentary python script that does it. Seems useful.
gist.github.com/wdormann/0a6ee…
Note: For now it requires both Sysinternals ListDLLs and Microsoft dumpbin.exe pic.twitter.com/UuhUrzpcC6
|
||||||
|
||||||
|
Will Dormann
@wdormann
|
22. sij |
|
Are there any tools to auto-enumerate any running processes in Windows that don't leverage ASLR themselves, or have libraries loaded that don't leverage ASLR?
Sort of like what's outlined at @DidierStevens blog.didierstevens.com/2011/01/18/qui… but without requiring any user interaction. pic.twitter.com/sFqNLNI75f
|
||
|
|
||
|
Will Dormann
@wdormann
|
22. sij |
|
I would love to see a "wall of shame" to call out vendors/applications that aren't ASLR compliant. Anybody who runs this script on a real-world system would be able to help contribute!
|
||
|
|
||
|
Will Dormann
@wdormann
|
24. sij |
|
Based on suggestions from @RonnyTNL and @__adh__ I've updated gist.github.com/wdormann/0a6ee…
No longer requires dumpbin.exe or listdlls.exe (if Python pefile and psutil are available). Also exports the findings as a CSV.
Any reported app is a good candidate for EMET or WDEG force ASLR! pic.twitter.com/oTSzeElm2d
|
||
|
|
||
|
Ronny
@RonnyTNL
|
22. sij |
|
have fun gathering, printer drivers, print accounting sw, bundled audio/cam/whatevs software on machines, it's a nightmare.
#whatcouldgowrong
|
||
|
|
||