Does it work with ASLR switched on?
Edit.
Mitigate threats by using Windows 10 security features (Windows 10) - Windows security | Microsoft Docs
Address Space Layout Randomization in Windows Vista | Microsoft Docs
When “ASLR” Is Not Really ASLR - The Case of Incorrect Assumptions and Bad Defaults (cmu.edu)
dumpbin /headers appname.exe
Relocations stripped
= cannot be randomised by ASLR despite having /DYNAMIC_BASE
To install Dumpbin (part of MSVC build Tools and Visual Studio)
Additional MSVC Build Tools | Microsoft Docs
Download Microsoft Build Tools 2015 from Official Microsoft Download Center
To locate Dumpbin
Releases · microsoft/vswhere · GitHub
vswhere -latest -find **/dumpbin.exe
The folder Dumpbin is located in will need to be in the system path, which can be added manually using
rundll32.exe Shell32.dll,Control_RunDLL sysdm.cpl
Advanced Tab, click the Environment Button, select System Variables > Path and add to the end of the line, wherever it's located:
C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\bin\
C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.25.28610\bin\HostX86\x86
C:\Program Files\Microsoft Visual Studio 8\VC\bin
C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Tools\MSVC\14.14.26428\bin\Hostx64\x64
Use the Microsoft C++ toolset from the command line | Microsoft Docs
c# - Cannot find Dumpbin.exe - Stack Overflow
Open File Explorer, navigate to the folder with the exe/dll you want to test, type CMD in the address bar (where it shows This PC > Folder > Folder > Folder); a DOS window opens, then type
dumpbin /headers appname.exe
In Win10 Exploit Protection, I found out that Control Flow Guard only works if compiled with the CFG attribute, and AFAIK C11 doesn't support that (?yet?).
/guard (Enable Control Flow Guard) | Microsoft Docs
Control Flow Guard - Win32 apps | Microsoft Docs
Now there is a sandbox called Application Guard built into Windows, but MS also admit that if the sandbox container is compromised, it's still game on for the attackers. It can be used to make an app like a Kiosk app, to the point where it wipes all data files on program shutdown, but I don't know if this would extend to wiping records from a data source like MS SQL Server.
Important: Be aware that enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.
Important: Be aware that enabling this policy with a potentially compromised container could bypass camera and microphone permissions and access the camera and microphone without the user’s knowledge.
Application Guard pages in MS Edge
edge://policy/
edge://application-guard-internals/#status
Windows 10 - All Things About Application Guard - Microsoft Tech Community
Configure the Group Policy settings for Microsoft Defender Application Guard (Windows) - Windows security | Microsoft Docs
But the point being, ASLR is supposed to have stopped being able to read Runtime data structures and how does it know your code/?dll? is supposed to work with the Clarion runtime, hence the question.
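The dumpbin /headers check described in the post above can also be scripted. This is an added example, not part of the original post: it reads the same PE header fields dumpbin reports (the "Relocations stripped" characteristic and the DLL characteristics bits for dynamic base, high entropy VA and Control Flow Guard). The function names and the constructed sample header are assumptions made for illustration.

```python
import struct
import sys

RELOCS_STRIPPED = 0x0001  # COFF Characteristics: IMAGE_FILE_RELOCS_STRIPPED
HIGH_ENTROPY_VA = 0x0020  # DllCharacteristics: 64-bit high-entropy ASLR
DYNAMIC_BASE = 0x0040     # DllCharacteristics: image opted in to ASLR
GUARD_CF = 0x4000         # DllCharacteristics: built with /guard:cf


def pe_mitigations(data: bytes) -> dict:
    """Report the ASLR/CFG header flags of a PE image (header view only;
    OS-level Exploit Protection policy is not considered)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    # COFF header follows the 4-byte signature; its last two fields are
    # SizeOfOptionalHeader and Characteristics.
    opt_size, characteristics = struct.unpack_from("<HH", data, pe_off + 20)
    opt_off = pe_off + 24
    if opt_size < 72 or len(data) < opt_off + 72:
        raise ValueError("optional header too short for DllCharacteristics")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+ headers.
    (dll_chars,) = struct.unpack_from("<H", data, opt_off + 70)
    stripped = bool(characteristics & RELOCS_STRIPPED)
    dynamic = bool(dll_chars & DYNAMIC_BASE)
    return {
        "dynamic_base": dynamic,
        "relocs_stripped": stripped,
        "high_entropy_va": bool(dll_chars & HIGH_ENTROPY_VA),
        "guard_cf": bool(dll_chars & GUARD_CF),
        # The post's point: the opt-in flag is useless without relocations.
        "aslr_effective": dynamic and not stripped,
    }


def build_sample(characteristics: int, dll_characteristics: int) -> bytes:
    """Constructed minimal PE32+ headers for testing (not a loadable image)."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, characteristics)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)  # PE32+ magic
    struct.pack_into("<H", opt, 70, dll_characteristics)
    return dos + b"PE\0\0" + coff + bytes(opt)


if __name__ == "__main__" and len(sys.argv) > 1:
    with open(sys.argv[1], "rb") as fh:
        print(pe_mitigations(fh.read(4096)))
```

Run it with the path of the exe or dll as the only argument; an image showing dynamic_base True together with relocs_stripped True is the case the post flags.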