mIRC Home    About    Download    Register    News    Help

Print Thread
#265940 18/08/19 01:16 PM
Joined: Aug 2019
Posts: 16
Pikka bird
OP Offline
Pikka bird
Joined: Aug 2019
Posts: 16
As per https://docs.microsoft.com/en-us/cpp/build/reference/guard-enable-control-flow-guard?view=vs-2019:

Quote
Control Flow Guard (CFG) is a highly-optimized platform security feature that was created to combat memory corruption vulnerabilities. By placing tight restrictions on where an application can execute code from, it makes it much harder for exploits to execute arbitrary code through vulnerabilities such as buffer overflows.


As far as I can tell, ASLR seems to be already supported / enabled.

Joined: Dec 2002
Posts: 5,411
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 5,411
mIRC is currently built with Visual Studio 2008. As far as I am aware, the guard option is only available in Visual Studio 2015 and onwards. I may move to a newer version of Visual Studio in the future but that would likely require code-rewriting and a lengthy beta cycle.

Joined: Feb 2003
Posts: 2,812
Hoopy frood
Offline
Hoopy frood
Joined: Feb 2003
Posts: 2,812
(I notice that VC++ VS 2015 Community is très popular on the githubs for windows projects)


Well. At least I won lunch.
Good philosophy, see good in bad, I like!
Joined: Aug 2019
Posts: 16
Pikka bird
OP Offline
Pikka bird
Joined: Aug 2019
Posts: 16
If anyone is curious, here is the working set of "mitigation options"; tested on Win 10 10362.

Code
<?xml version="1.0" encoding="UTF-8"?>
<MitigationPolicy>
  <AppConfig Executable="mirc.exe">
    <DEP Enable="true" EmulateAtlThunks="false" />
    <ASLR ForceRelocateImages="true" RequireInfo="false" BottomUp="true" HighEntropy="true" />
    <StrictHandle Enable="true" />
    <ExtensionPoints DisableExtensionPoints="true" />
    <DynamicCode BlockDynamicCode="true" AllowThreadsToOptOut="false" Audit="false" />
    <ControlFlowGuard Enable="true" SuppressExports="false" />
    <SignedBinaries MicrosoftSignedOnly="true" AllowStoreSignedBinaries="false" Audit="false" AuditStoreSigned="false" EnforceModuleDependencySigning="true" />
    <Fonts DisableNonSystemFonts="true" AuditOnly="false" Audit="false" />
    <ImageLoad BlockRemoteImageLoads="true" AuditRemoteImageLoads="false" BlockLowLabelImageLoads="true" AuditLowLabelImageLoads="false" />
    <Payload EnableExportAddressFilter="true" AuditEnableExportAddressFilter="false" EnableExportAddressFilterPlus="true" AuditEnableExportAddressFilterPlus="false" EnableImportAddressFilter="true" AuditEnableImportAddressFilter="false" EnableRopStackPivot="true" AuditEnableRopStackPivot="false" EnableRopCallerCheck="true" AuditEnableRopCallerCheck="false" EnableRopSimExec="true" AuditEnableRopSimExec="false" />
    <SEHOP Enable="true" TelemetryOnly="false" />
    <Heap TerminateOnError="true" />
    <ChildProcess DisallowChildProcessCreation="true" Audit="false" />
  </AppConfig>
</MitigationPolicy>


Link Copied to Clipboard