What is the relation between ASLR and the mshta.exe's error "The system cannot execute the specified program"?
I am having a problem running mshta.exe. As you can see in the picture below, I get the error: The system cannot execute the specified program.
I've created a test.hta file and it can't be executed as well. I've tried these solutions and none of them worked:
- I've disabled App Locker
- I've disabled the Anti-virus
- I've turned off windows firewall.
Yet, when I enabled the ASLR it worked!
I've edited the registry value MoveImages to 1. It's under the key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management. I've disabled the ASLR before because sometimes I debug DLLs.
My question is: Why did this work? How can the ASLR help with this problem?
A friend of mine has one interesting answer I want to share:
"Its error from within the kernel of NtCreateUserProcess, in this api, there're calls to ZwMapViewOfSection to map executable image to memory. In our case the MapView returns STATUS_CONFLICTING_ADDRESSES.
If you read the ZwMapViewOfSection docs, you will see that Windows cache some address range, so that if an image without ASLR requesting address within the cache, it fails at ZwMapViewOfSection.
This wont happen with ASLR because Windows will guarantee the new image base address wont be inside any cache range".
- Statically compile a C++ app with GCC into a binary
- Call COM object method from Go without CGo
- How can I auto-elevate my batch file, so that it requests from UAC administrator rights if required?
- Cannot import just-installed `pip` packages
- How to get date in BAT file
- Create Windows service from executable
- Cursor disappearing inside text field
- Ubuntu app: WslRegisterDistribution failed with error 0x80070057 (incorrect parameter)
- Can the Windows API use two mutexes to achieve thread synchronization?
- What does this command prompt input do?
- KERNELBASE.dll Exception 0xe0434352 offset 0x000000000000a49d
- Eclipse dark theme for windows: how to change the color of scroll bars and title bars to dark?
- How to untar multiple files with an extension .tar.gz.aa, .tar.gz.ab..... in windows?
- How do I start PowerShell from Windows Explorer?
- Can I use PowerShell in shell-mode for Emacs?
- How to install lua-zlib with LuaRocks on Windows?
- How can I obtain the user's Logon Session SID (e.g. S-1-5-5-X-Y) or otherwise verify RMF SC-23 Unique Identifiers in Windows
- How to get and store the localhost ip address into a variable (Windows 10)
- Child Windows using Rust
- Docker repository server gave HTTP response to HTTPS client
- ADB over Wi-Fi is extremely slow on one PC, great on another
- Create Windows Python virtualenv with a specific version of Python
- Is there a difference if I added the window handle or NULL value
- Run Dart process as admin on Windows
- g++ produce executable for windows
- Took C/C++ code from Linux to Windows is really slow
- Why doesn't MSYS Bash evaluate windows exectuable commands as expected?
- Passing UTF-8 arguments to commands in Perl on Windows
- Where is the "downloads" folder located
- Ping with timestamp on Windows CLI