public bool GetAslrPolicy(out string bottomUpRandomization, out string forceRelocateImages, out string highEntropy, out string disallowStrippedImages) { ProcessASLR aslr = new ProcessASLR(); bool done = false; try { done = GetProcessMitigationPolicy(ProcList[ProcNumber].Handle, Process_Mitigation_Policy.ProcessASLRPolicy, ref aslr, Marshal.SizeOf(aslr)); } catch (Win32Exception e) { bottomUpRandomization = "AcessDenied"; forceRelocateImages = highEntropy = disallowStrippedImages = bottomUpRandomization; return(done); } catch (Exception) { bottomUpRandomization = "Process_end"; forceRelocateImages = highEntropy = disallowStrippedImages = bottomUpRandomization; return(done); } if (done) { bottomUpRandomization = aslr.EnableBottomUpRandomization ? "Enable" : "Disable"; forceRelocateImages = aslr.EnableForceRelocateImages ? "Enable" : "Disable"; highEntropy = aslr.EnableHighEntropy ? "Enable" : "Disable"; disallowStrippedImages = aslr.DisallowStrippedImages ? "Enable" : "Disable"; return(done); } else { bottomUpRandomization = "NoASLRInfo"; forceRelocateImages = highEntropy = disallowStrippedImages = bottomUpRandomization; return(done); } }
static extern bool GetProcessMitigationPolicy( IntPtr hProcess, Process_Mitigation_Policy mitigationPolicy, ref ProcessASLR lpBuffer, int dwLength);