我正在尝试读取PE头,并想查看exe是否启用了ASLR。
我目前正在做:
if (PE.FileHeader->OptionalHeader.DllCharacteristics == IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
std::cout << "ASLR is enabled :)" << std::endl;
else
std::cout << "ASLR is disabled >:(" << std::endl;
然而,我总是得到&#34; ASLR被禁用&gt; :(&#34;,即使我知道ASLR已启用。
我知道这与我的运营商有关,但我如何测试并查看PE标头是否具有某个WORD字符?
答案 0 :(得分:5)
DllCharacteristics是一个位掩码,它可以包含多个启用的标志。您的支票必须使用按位&运算符,而不是==运算符:
if (PE.FileHeader->OptionalHeader.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)
std::cout << "ASLR is enabled :)" << std::endl;
else
std::cout << "ASLR is disabled >:(" << std::endl;
答案 1 :(得分:1)
发现它在多位标志的情况下通过以下方式工作IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE是DllCharacteristics中的最高位:
String SCOPE = "https://www.googleapis.com/auth/firebase.messaging";
String FCM_ENDPOINT
= "https://fcm.googleapis.com/v1/projects/zoftino-stores/messages:send";
GoogleCredential googleCredential = GoogleCredential
.fromStream(new FileInputStream("firebase-private-key.json"))
.createScoped(Arrays.asList(SCOPE));
googleCredential.refreshToken();
String token = googleCredential.getAccessToken();
final MediaType mediaType = MediaType.parse("application/json");
OkHttpClient httpClient = new OkHttpClient();
Request request = new Request.Builder()
.url(FCM_ENDPOINT)
.addHeader("Content-Type", "application/json; UTF-8")
.addHeader("Authorization", "Bearer " + token)
.post(RequestBody.create(mediaType, jsonMessage))
.build();
Response response = httpClient.newCall(request).execute();
if (response.isSuccessful()) {
log.info("Message sent to FCM server");
}