Bypassing Windows Hardware-enforced Data Execution Prevention
Topic: Technology 6:28 am EST, Nov 24, 2005

This paper describes a technique that can be used to bypass Windows hardware-enforced Data Execution Prevention (DEP) on default installations of Windows XP Service Pack 2 and Windows 2003 Server Service Pack 1. This technique makes it possible to execute code from regions that are typically non-executable when hardware support is present, such as thread stacks and process heaps. While other techniques have been used to accomplish similar feats, such as returning into NtProtectVirtualMemory, this approach requires no direct reprotecting of memory regions, no copying of arbitrary code to other locations, and does not have issues with NULL bytes. The result is a feasible approach that can be used to easily bypass the enhancements offered by hardware-enforced DEP on Windows in a way that requires very minimal modifications to existing exploits.

This is a fairly technical computer security whitepaper that deals with M$ Windows internals, so beware. This is part of the uninformed journal.
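The abstract above says three things about hardware-enforced DEP that are easy to state and worth seeing run: a data page (heap, stack) faults when the CPU is asked to fetch instructions from it; the older bypass route is to return into NtProtectVirtualMemory and reprotect that page as executable before running it; and the paper's own technique avoids both the reprotect and the copy. The C program below is an added example, not code from the post or from the uninformed paper, and it does not implement the paper's technique. It demonstrates the first two points on a Linux/POSIX system, using mmap and mprotect as stand-ins for the Windows heap and NtProtectVirtualMemory. The stub bytes (a position-independent function returning 42), the function names and the return codes are this example's own assumptions, and it only carries a stub for x86-64, i386 and aarch64.

```c
/* Added example (not from the uninformed paper or the post above):
 * shows hardware NX/DEP enforcement on an RW page and the "reprotect the
 * page, then execute" route that the paper contrasts its technique with.
 * POSIX mmap/mprotect stand in for the Windows heap and
 * NtProtectVirtualMemory. Linux on x86-64, i386 or aarch64. */
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical payload: a position-independent function that returns 42. */
#if defined(__x86_64__)
static const unsigned char stub[] = { 0xF3,0x0F,0x1E,0xFA,      /* endbr64 (a NOP when CET is off) */
                                      0xB8,0x2A,0x00,0x00,0x00, /* mov eax, 42 */
                                      0xC3 };                   /* ret */
#elif defined(__i386__)
static const unsigned char stub[] = { 0xF3,0x0F,0x1E,0xFB,      /* endbr32 */
                                      0xB8,0x2A,0x00,0x00,0x00, /* mov eax, 42 */
                                      0xC3 };                   /* ret */
#elif defined(__aarch64__)
static const unsigned char stub[] = { 0x40,0x05,0x80,0x52,      /* mov w0, #42 */
                                      0xC0,0x03,0x5F,0xD6 };    /* ret */
#else
static const unsigned char stub[] = { 0 };  /* no stub for this CPU; rx_page_runs() reports -2 */
#define STUB_UNSUPPORTED 1
#endif

static sigjmp_buf fault_env;

/* SIGSEGV/SIGBUS handler: unwind back into try_execute() instead of dying. */
static void on_fault(int sig) { (void)sig; siglongjmp(fault_env, 1); }

typedef int (*stub_fn)(void);

/* Call the code at addr. Returns what it returns, or -1 if the CPU faulted. */
static int try_execute(void *addr) {
    struct sigaction sa, old_segv, old_bus;
    volatile int result = -1;
    stub_fn fn;
    memcpy(&fn, &addr, sizeof fn);   /* object pointer -> function pointer without a cast warning */
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    if (sigsetjmp(fault_env, 1) == 0)
        result = fn();               /* instruction fetch faults here if the page is not executable */
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return result;
}

/* Map one anonymous RW page (what a heap or stack page looks like under DEP) and copy the stub in. */
static void *rw_page_with_stub(size_t *len) {
    *len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, *len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    memcpy(p, stub, sizeof stub);
    __builtin___clear_cache((char *)p, (char *)p + sizeof stub);  /* I-cache sync; no-op on x86 */
    return p;
}

/* 1 if executing the RW page faulted (NX enforced), 0 if it ran anyway, -3 on mmap failure. */
int nx_blocks_rw_page(void) {
    size_t len;
    void *p = rw_page_with_stub(&len);
    if (!p) return -3;
    int r = try_execute(p);
    munmap(p, len);
    return r == -1 ? 1 : 0;
}

/* The reprotect route: same page, mprotect to RX, then execute. Returns the stub's value (42),
 * -1 if it still faults, -2 on an unsupported CPU, -3 if mmap or mprotect failed. */
int rx_page_runs(void) {
#ifdef STUB_UNSUPPORTED
    return -2;
#else
    size_t len;
    void *p = rw_page_with_stub(&len);
    if (!p) return -3;
    if (mprotect(p, len, PROT_READ | PROT_EXEC) != 0) { munmap(p, len); return -3; }
    int r = try_execute(p);
    munmap(p, len);
    return r;
#endif
}

int main(void) {
    printf("RW page: %s\n", nx_blocks_rw_page() == 1 ? "fault (NX enforced)" : "executed");
    printf("RX page after mprotect: %d\n", rx_page_runs());
    return 0;
}
```

The first call is the situation DEP creates for an exploit: the bytes are in memory, but fetching them as instructions faults. The second call is the reprotect route the abstract mentions, which an exploit has to reach by returning into the protection API with the right arguments, and which the paper's technique is designed to avoid. If the second call returns 42 on a stock kernel but the first returns 0, the machine is running without NX (for example a 32-bit kernel without PAE), which is the case the "when hardware support is present" clause in the abstract is excluding.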
