Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- How to say if a binary is GS compiled or not, and without symbols?
- >dumpbin /loadconfig test.exe
- Microsoft (R) COFF/PE Dumper Version 10.00.40219.01
- Copyright (C) Microsoft Corporation. All rights reserved.
- Dump of file test.exe
- File Type: EXECUTABLE IMAGE
- Section contains the following load config:
- 00000048 size
- 0 time date stamp
- 0.00 Version
- 0 GlobalFlags Clear
- 0 GlobalFlags Set
- 0 Critical Section Default Timeout
- 0 Decommit Free Block Threshold
- 0 Decommit Total Free Threshold
- 00000000 Lock Prefix Table
- 0 Maximum Allocation Size
- 0 Virtual Memory Threshold
- 0 Process Heap Flags
- 0 Process Affinity Mask
- 0 CSD Version
- 0000 Reserved
- 00000000 Edit list
- > 00408000 Security Cookie <
- 00407840 Safe Exception Handler Table
- 3 Safe Exception Handler Count
- Safe Exception Handler Table
- Address
- --------
- 004025D0
- 00404200
- 00405160
- ... [function entry]
- .text:01005188 mov eax, ___security_cookie
- .text:0100518D mov [ebp+var_1C], eax
- ... [function body]
- .text:010057F6 mov ecx, [ebp+var_1C]
- .text:010057F9 call sub_1007147
- ... [function exit]
- .text:01007147 cmp ecx, ___security_cookie
- .text:0100714D jnz short loc_1007158
- .text:0100714F test ecx, 0FFFF0000h
- .text:01007155 jnz short loc_1007158
- .text:01007157 retn
- .data:01009600 dword_1009600 dd 0FFFF44BFh
- .data:01009604 ___security_cookie dd 0BB40h
Add Comment
Please, Sign In to add comment