How to find base address to read cmd line argument from the proces

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hi,

Our product is use to retrive command line arguments in 2000/2003 using base
address of Parent process. But in Vista Base address of each process is
different so how I can get command line argument of the process using windows
API in Vista.

Thanks,
Vijay
 
Namaste, Vijay
Our product is use to retrive command line arguments in 2000/2003 using
base
address of Parent process. But in Vista Base address of each process is
different so how I can get command line argument of the process using
windows

I guess you're referring to Vista's Address Space Layout Randomization
feature (ASRL)? Are you sure your process is actually getting random base
addresses? If you link your EXE in VS2005 using the /dynamicbase flag, the
PE Header will have a special bit set, in the DLLCHARACTERISTICS field. When
Vista loads the file and sees this bit set, it will randomise the base
address. Most or all of the Microsoft-supplied binaries in Vista are
compiled with this /dynamicbase; hence, they load at random addresses.

But when you create a project in Visual Studio 2005, the /dynamicbase is
*not* added by default - you need to go in to Project Properties and add it.
So most 3rd party EXEs won't be taking part in ASLR - they'll be loading at
the same address as always.

Likewise, apps compiled and linked using VS2003 or earlier don't know
anything about ALSR, so they are not taking part either.

Having said that ... jumping to a memory address and reading bytes, sounds
like a very fragile and vulnerable way to get command line parameters! While
you are undoubtedly doing it for honourable reasons, a similar approach
could be potentially used by many malicious exploits. I'd be scared it will
stop working after the next security hotfix from Microsoft. Whereas a call
to GetCommandLine() should continue to work across all platforms and
versions.

Hope it helps,
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top