> -----Original Message-----
> From: David Litchfield [mailto:david_at_ngssoftware.com]
> Sent: Tuesday, February 04, 2003 12:09 AM
> To: bugtraq_at_securityfocus.com; ntbugtraq_at_listserv.ntbugtraq.com;
> vulnwatch_at_vulnwatch.org
> Subject: Preventing exploitation with rebasing
>
> So how easy is it to rebase DLLs and executables? Very. Microsoft have
> provided a function to do this, ReBaseImage(), exported by
> imagehlp.dll. If
> you rebase an image the new base must be on a 64K boundary -
> i.e. if the
> image base mod 64000 !=0 the base is not valid.
>
There is a tool called "ReBase" shipped with Visual C++ and Visual C++.NET.
<http://msdn.microsoft.com/library/default.asp?url=/library/en-us/tools/perf
util_2z39.asp>
<quote>
Rebase is a command-line tool that you can use to specify the base addresses
for the DLLs that your application uses.
</quote>
<quote>
Alternatively, you can use the ReBaseImage function.
</quote>
Received on Feb 04 2003
Intro
