Details
-
Suggestion
-
Resolution: Out of scope
-
P3: Somewhat important
-
4.6.3
-
None
-
None
Description
PEFlags is a command-line tool, which allows the setting of the DEP and ASLR flags of the PE header of binary files. So Windows applications and DLLs can use Data Execution Prevention and Adress Space Layout Randomisation and make attacks on vulnerabilities more difficult. peflags is contained in the Cygwin rebase package. A direct download is possible from: http://download.videolan.org/pub/videolan/contrib/peflags.c .
To mark a file or dll it is needed to call "peflags --dynamicbase=true --nxcompat=true <FILE>" e.g. as a post build step.