How do you disable ASLR on Windows 7 x64 so that my program will always load the shared CRT at the same address?
Previously you had to opt in to allowing the linker to use ASLR. Now, you have to opt out:
/DYNAMICBASE[:NO]
(Visual Studio 2012: Configuration Properties -> Linker -> Advanced -> "Randomized Base Address")
You can also do it programmatically.
The Enhanced Mitigation Experience Toolkit (EMET), downloadable from Microsoft, allows to enable/disable ASLR it on a system or process basis.
A registry setting is available to forcibly enable or disable ASLR for all executables and libraries and is found at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages.
Related
You open Android Studio as always, but if you would like to run an emulator device one of the following error appear:
Unable to install Android Emulator Hypervisor Driver for AMD
Processors
or
Intel HAXM is required to run this AVD.
Android Emulator Hypervisor
Driver for AMD Processor is not installed.
or later in cmd or Powershell
[SC] DeleteService succeed. Fail of [SC] StartService error 4294967201
INTRODUCTION
First of all, I know that there are some posts out there. But there not up to date or incomplete.
I want to point that my intention with this post is to make a nearly 100% working knowledge base for this issue. Serving as a step by step tutorial for fixing that problem properly.
Don't panic, we will fix that now :)
CHECK-1:
Check your BIOS Settings first. Virtualization Technology needs to be enabled in BIOS.
Gigabyte, Asus Rog or MSI for example call that SVM Mode ("Secure Virtual Machine") other may call that as mentioned: "Virtualization"
F2/Del to access BIOS -> Advanced Settings -> CPU Configuration -> SVM Mode -> Enable, safe that with F10 (Asus BIOS Example)
As BIOS options are different among vendors, please refer to your system manufacturer's manual.
CHECK-2:
Type in your Windows searchbar (Lower left corner) "Windows Features".
Make sure Hyper-V and Windows Hypervisor Platform are disabled. All Windows features enabling Hyper-V either explicitly or silently must be turned off. Restart your computer after. See the screenshots below for what you need to uncheck:
Note that in a future Studio 4.0 release, these instructions will be automatically run as part of the SDK Manager update and become obsolete.
CHECK-3:
To really ensure that Hyper-V is disabled run following command in Powershell.
Open powershell: Right click on your Windows Logo (Lower left corner) -> click Windows Powershell (Administrator) -> proceed with following command:
Disable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V
SETUP ANDROID STUDIO
We now want to install the missing Hypervisor Driver for AMD Processors:
In Android Studio navigate File -> Settings -> expand Appearance & Behavior -> expand System Settings -> Android SDK -> SDK Tools -> install Android Emulator Hypervisor Driver for AMD Processors (installer) -> Apply -> OK
RUN THE INSTALLER
Now you downloaded the package of the driver you need to find it's location.
In the image below you see the path of your Android SDK's.
Copy that path into your Explorer and navigate through like in image below to your silent_install.bat
Copy the complete path of your explorer and run Powershell as Administrator (how to open, explained above). In Powershell type:
cd [here your copied path]
Afterwards execute your installer by typing:
.\silent_install.bat
You will probably get an error, but that isn't important, because the installer worked. We will see it later. The service only couldn't start because one of our 3 CHECKS above are not done properly.
Then it will look something like that:
We use this "worst case" to proof that the installer operated sucessfully even with the following errors.
[SC] DeleteService succeed. Fail of [SC] StartService error 4294967201
They may lead you to a github directory. To download a code there, but it isn't necessary at all. It worked already. Let's try it out.
PS: If everything went as it should it will look like that (Best case):
CREATING EMULATOR DEVICE
Let's create an android device and test it. I made it step by step as shown in the screenshots:
After you selected a device you are finally able to download the android version of the device:
Make your unique settings:
Run your device:
FINAL & CONCLUSION
Now you are able to work with the android studio emulator and an AMD Processor. Congratz! :)
I know it was a long tutorial, but you made it trough.
If you face any issues, comment below, I try to help you!
That was it once again from my side. I keep this post updated.
I am currently running Twincat 3.1..4022.16 on Hyper V virtual machine.
I am able to correctly build my project but when activating configuration I am getting realtime startup isolated cpu fail.
Attached is my Realtime setting and the error.
Any leads to solution will be highly appreciated.
I got the following errors when trying to activate my configuration using TwinCAT 4024.10.
Severity
Description
Error
'TwinCAT System' (10000): Sending ams command >> Init4\RTime: Start Interrupt: Ticker started >> AdsError: 4132 (0x1024, RTIME: incompatible software detected) << failed!
Error
'TCRTIME' (200): start of real-time avoided by "HyperV"
Solution
The issue was caused by the fact that I had earlier tried to get Docker working on my laptop. In order to get Docker to work I had to enable a bunch of Hypervisor options. After realizing this I reverted these by doing the following:
Press the windows key and start typing "Turn Windows features on or off"
In the following menu, make sure "Virtual Machine Platform" and "Windows Hypervisor Platform" are deselected. In case either option was selected, deselect it and restart your computer for it to take effect.
I found this on the Beckhoff website:
The runtime environment cannot be started inside a Hyper-V
environment. This refers in particular to virtual Hyper-V machines,
which are run in a privileged Hyper-V machine. As soon as a component
of the computer uses Hyper-V, only the engineering environment (XAE)
can be used on this computer, not the runtime environment (XAR). Apart
from software solutions for virtual machines, you can also use
operating system means (Device Guard, Credential Guard,
virtualization-based security, etc.) or other Hyper-V programs.
Link
Read available number of CPUs from the Target, then change number of Isolated Cores from 0 to any higher number (most cases 1) and decrease number of Cores that are dedicated to Windows.
After that click Set on target.
Here's link to detailed article about Twincat and Virtualization
alltwincat.com/2018/06/14/twincat-virtualization/
This is a supplement to Roald's answer.
If you already deactivated Virtual Machine Platform, Windows Hypervisor Platform and Microsoft Defender Platform Guard and still doesn't work, chances are you have virtualization-based security enabled. You can check it by typing msinfo on windows search box.
To deactivate it, type Core Isolation on the windows search box and deactivate Memory Integrity. Restart the machine and run ms info again to make sure that VBS is off.
Go to Twincat, activate your project and witness a miracle!
If none of the above solutions worked, try to uncheck the below settings in Windows 11:
Privacy & security > Windows security > device security > core isolation > memory integrity >> off
Supplement to Felipe's and Roald's answer: latest offender prohibiting TwinCAT from starting is yet another virtualization feature: Windows Sandbox. Can be turned toggled in the Windows Features dialog accessible from Start->Turn Windows features on or off.
I have aslr enabled and when I play some game called assault cube the base address of this program is always the same (00400000) I get it by doing GetModuleHandle(NULL) also tried to get it with windbg and it also says 00400000 and I was wondering how come it never changes since for the other programs it always changes?
Even if you have ASLR enabled globally, Windows only applies it to applications that specifically indicate that they support it. Doing otherwise could easily make legacy applications crash unexpectedly, leading to compatibility problems. All executables and supporting DLLs must explicitly indicate that they support ASLR.
Indicating that you support ASLR is something you do when linking the object file by specifying the /DYNAMICBASE option (at least if you're using Microsoft's linker). Modern versions of the linker have it turned on by default, but if your game was compiled with an older version of the toolset before dynamic address relocation support was the default (e.g., VS 2008 and earlier) or with a linker from a different vendor, it is likely that it was not linked with ASLR support.
This is called out in the relevant MSDN article (emphasis added):
ASLR moves executable images into random locations when a system boots, making it harder for exploit code to operate predictably. For a component to support ASLR, all components that it loads must also support ASLR. For example, if A.exe consumes B.dll and C.dll, all three must support ASLR. By default, Windows Vista and later will randomize system DLLs and EXEs, but DLLs and EXEs created by ISVs must opt in to support ASLR using the /DYNAMICBASE linker option.
See also: Vista ASLR is not on by default for image base addresses
Note that you can modify the PE header of an existing binary, forcing it to support ASLR, by running the editbin utility available with the SDK. As with the linker, the /dynamicbase switch will turn it on.
Or, you can force ASLR globally by editing the following registry entry:
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\MoveImages
Of course, neither of these actually change the code, so if there are compatibility problems, the application will break.
I am trying to debug the kernel using windbg.My host is windows 7 x64.My target is windows 7 x86 which is installed in vmware.I have successfully connected to target machine.But often I am getting an error symbols could not be loaded.I have already set the path for symbols using the url of msdn.But I unable to connect net during debugging.SO I have planned to download symbols and specify the path .If I want to download means whether I have to download the x86 symbols or x64 symbols?
You need the symbols for the OS that's being debugged, 32-bit Windows 7 in your case.
Since your target PC is 32-bit, its drivers will be 32-bit as well and will require the 32-bit symbols for debugging.
Debugging session should not matter for connectivity to internet. If that is the issue, you may want to look into that.
You may also want to check:
Have you saved your workspace settings, so that symbol path is always set appropriately?
Try !sym noisy on debugger prompt and check for which symbols its giving the problems.
I am developing a driver based on ddk sample "passthru" and I have trouble loading this driver in win7(x86 or x64). I have tested my driver in winxp (x86 and x64), and it works pretty well, but when I tried to load this driver into win7 (F8->Disable Driver Signature Enforcement), it seemed failed. Then, I tried the native passthru code, it also failed. I thought it failed because
I can not see any outputs using KdPrint fron windbg.
I can not see any useful information from system event.
I set a breakpoint on passthru!DriverEntry, it seems that DriverEntry has not been called.
My WDK is 7600.16385.1, and passthru is supposed to be compatible with win7. I compile passthru using command "build -cZ".
Could you help me understanding this problem, or any clue about why passthru not loaded in win7?
I have built this driver in win7 x86 checked build environment, and tested in win7 x86.
Solved: Actually, the driver has been loaded, but the output of KdPrint not shown in win7 by default, you should use KdPrintEx to specify message level, or modify registry to make debug message shown. Now I have no idea why bp failed either.
Normally you can't use a driver that was built for WinXP target on a Win7 machine. Rebuild for Win7 target.
Well your question is rather unspecific, but I see one particular problem here: Enabling test-signing and disabling kernel mode signing policy still requires you to sign the binary ... (after WHQL-tests MS would cross-sign the .cat file for the driver). Refer to this.
See:
For 64-bit versions of Windows Vista and later versions of Windows,
the kernel-mode code signing policy requires that all kernel-mode code
have a digital signature.
and:
The operating system loader and the kernel load drivers that are
signed by any certificate. The certificate validation is not required
to chain up to a trusted root certification authority. However, each
driver image file must have a digital signature.
These commands should allow to load a driver signed with anything
bcdedit.exe -set loadoptions DDISABLE_INTEGRITY_CHECKS
bcdedit.exe -set TESTSIGNING ON
You don't mention what target OS you chose when building. Icepack mentioned it. You need to actually build for Windows 7 to make it work with the new NDIS 6.0. Simply loading a driver built for XP (and older NDIS version) may not work at all.
My suggestion, use DDKBUILD.CMD and build one driver with (free build, W7):
ddkbuild.cmd -W7 fre . -cZ
and one with (free build, WXP)
ddkbuild.cmd -W7XP fre . -cZ
the above command line already takes into account the WDK you have. Note that if DDKBUILD.CMD fails to detect your installed WDK you'll have to set the environment variable W7BASE to point to the folder in which the WDK is installed (the one with install.htm, usually something like C:\WINDDK\7600.16385.1).