The PE-file format specifies flags to enable DEP and ASLR. You can set these flags with a hex-editor or a PE-file editor.
Because I need to set DEP and ASLR flags in a script, I wrote a C-program to read, set or clear these flags (together with another flag to check AuthentiCode signatures, more about this later).
It’s a standard C program, so you can compile it under *nix too.
The option handling is simple: you can’t combine flags into one option string. For example, to set DEP and ASLR, you issue the following command:
setdllcharacteristics +n +d program.exe
This will not work:
setdllcharacteristics +nd program.exe
Don’t forget that changing these flags on a signed executable invalidates its signature. But that shouldn’t prevent the program from running.
Later, I’ll post tools to force DEP (and maybe ASLR) without changing the PE file.
And I also updated the PE-file format template for the 010 editor to support these 3 flags.
Download:
setdllcharacteristics_v0_0_0_1.zip (https)
MD5: F96358BF90AA4D8C6B32968B2068BFCB
SHA256: 5A9D3815F317C7C0FF7737F271CE0C60BE2CB0F4168C5EA5AD8CEF84AD718577