Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Have a suggestion for "Everything"? Please post it here.
Post Reply
arkos
Posts: 15
Joined: Mon Apr 13, 2020 8:03 am

Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by arkos »

Looking at the v1.4.1.969 binary, it is compiled with mitigations turned off:

Code: Select all

> Get-PESecurity -File "C:\Program Files\Everything\Everything.exe"

FileName         : C:\Program Files\Everything\Everything.exe
ARCH             : AMD64
DotNET           : False
ASLR             : False
DEP              : False
Authenticode     : True
StrongNaming     : N/A
SafeSEH          : N/A
ControlFlowGuard : False
HighentropyVA    : False
Further looking at PE, it seems to be compiled with MS Visual Studio 2005 (or later version).

@void, would it be possible to compile with
/DYNAMICBASE /NXCOMPAT /guard:cf
?
Relevant links: I understand that CFG might be more problematic than other two, but at least having DEP and ASLR should make "Everything" more resistant against deliberate image manipulation.

...And thank you for an excellent tool!
void
Developer
Posts: 16738
Joined: Fri Oct 16, 2009 11:31 pm

Re: Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by void »

Thank you for the /DYNAMICBASE /NXCOMPAT /guard:cf suggestions.

I'll consider re-enabling these.

/NXCOMPAT caused stability issues and was removed in 923.
/DYNAMICBASE adds bloat and performance issues.
arkos
Posts: 15
Joined: Mon Apr 13, 2020 8:03 am

Re: Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by arkos »

void wrote: Tue Apr 14, 2020 3:48 am Thank you for the /DYNAMICBASE /NXCOMPAT /guard:cf suggestions.

I'll consider re-enabling these.

/NXCOMPAT caused stability issues and was removed in 923.
/DYNAMICBASE adds bloat and performance issues.
Thank you for the consideration. May I ask what sort of bloat you are referring to? In my limited understanding it creates
.reloc
and sets appropriate PE flags so that OS can use ASLR on the image.

Looking at modern OS'es, ASLR is enabled by default more often than not.
Linux since 2.6.X branch, Windows since Vista and OpenBSD since v3.4 (circa 2003).

I will be happy to beta-test builds with these flags enabled if that is of any help.
void
Developer
Posts: 16738
Joined: Fri Oct 16, 2009 11:31 pm

Re: Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by void »

I've compiled the latest nightly with /DYNAMICBASE /NXCOMPAT

Please let me know if you have any trouble with this build.

Notice the difference in size (its about 60k larger)
arkos
Posts: 15
Joined: Mon Apr 13, 2020 8:03 am

Re: Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by arkos »

void wrote: Tue Apr 14, 2020 6:50 am I've compiled the latest nightly with /DYNAMICBASE /NXCOMPAT

Please let me know if you have any trouble with this build.

Notice the difference in size (its about 60k larger)
Uninstalled previous version, installed latest stable from scratch and replaced binary with the latest nightly (with service start/stop in-between).

So far, computer hasn't burst into flames which is a good sign. I will keep using it extensively and report if there are any issues.
Who knows, maybe latter builds will see an addition of
/HIGHENTROPYVA
and
/guard:cf
;)
arkos
Posts: 15
Joined: Mon Apr 13, 2020 8:03 am

Re: Compile "Everything" with /DYNAMICBASE /NXCOMPAT /guard:cf

Post by arkos »

void wrote: Tue Apr 14, 2020 6:50 am I've compiled the latest nightly with /DYNAMICBASE /NXCOMPAT
Please let me know if you have any trouble with this build.
Just letting you know that to the day I have not noticed any bugs.
I have replied to the topic re.
Everything.ini
, but doubt these are related: viewtopic.php?f=5&t=303&p=30869#p30869
Post Reply