[OWASP-Delhi] How to implement ASLR & DEP in C# thick client applications?

Vinil Menon vinilm at yahoo.com
Tue Jul 7 05:26:22 UTC 2015


.NET since 2.0 has DEP on (via NXCOMPAT). And since the code is JIT, you don't need to worry about ASLR either. 

So in short - a C# Winform application running on CLR has DEP and ASLR enabled by default. 

      From: sanjay kumar <sanjay1519841 at gmail.com>
 To: Dhruv Soi <dhruv.soi at owasp.org> 
Cc: owasp-delhi <owasp-delhi at lists.owasp.org> 
 Sent: Monday, July 6, 2015 12:05 PM
 Subject: Re: [OWASP-Delhi] How to implement ASLR & DEP in C# thick client applications?
   
Thanks Dhruv,
But the question is for c#, I dint find such specific result for tht. 



On Sunday, July 5, 2015, Dhruv Soi <dhruv.soi at owasp.org> wrote:

http://www.lmgtfy.com/?q=threats+of+no+aslr+in+applications

http://www.lmgtfy.com/?q=aslr+c%23

On Fri, Jul 3, 2015 at 12:16 PM, sanjay kumar <sanjay1519841 at gmail.com> wrote:
> Hi,
>
> Does anyone knows how to implement ASLR (Address Space Layout
> Randomization), DEP (Data Execution Prevention) in thick client application
> based on C#?
>
> If it cannot be implement then what is the risk in applications which
> developed in C#?
>
> Regards,
>
> Sanjay Kumar
>
>
>
> _______________________________________________
> OWASP-Delhi mailing list
> OWASP-Delhi at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-delhi
> LinkedIn Group: https://www.linkedin.com/groups?gid=89270
> Twitter: https://twitter.com/OWASPdelhi


_______________________________________________
OWASP-Delhi mailing list
OWASP-Delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi
LinkedIn Group: https://www.linkedin.com/groups?gid=89270
Twitter: https://twitter.com/OWASPdelhi

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-delhi/attachments/20150707/7e8aed63/attachment-0001.html>


More information about the OWASP-Delhi mailing list