Binary Exploit Development 4 - DEP Bypass with VirtualAlloc

Guided Hacking
9K views - 2 years ago - Learn how to bypass DEP
Learn how to bypass DEP in part 4 of our Binary Exploit Development Series.
Support us on GH: https://guidedhacking.com/register/
Support us on Patreon: Patreon: guidedhacking
Support us on YT: @guidedhacking

Exploit Development 4 DEP Bypass Article:
https://guidedhacking.com/threads/bin...

The fourth part of our exploit development series demonstrates how to bypass Windows DEP in a stack buffer overflow attack by calling the Windows API (here VirtualAlloc) through a self-made ROP chain.

Before attempting to write your own ROP chain you should know at least the basics of x86 assembly. Since we cannot write our own assembly code but have to rely on instruction sequences (gadgets) that already exist in the process, we often have to resort to tricks and uncommon approaches in order to prepare the stack correctly for our API call.

What Is DEP?
DEP stands for Data Execution Prevention and comes in two versions:
- Software-enforced DEP
- Hardware-enforced DEP

We will only talk about the hardware-based version, which is the one we almost always have to worry about (from now on, "DEP" refers to hardware-enforced DEP).

This protection was introduced with Windows XP Service Pack 2 and is included in every Windows version since then. Hardware-enforced DEP requires CPU support: the No eXecute bit (NX) on AMD CPUs or the Execute Disable bit (XD) on Intel CPUs.
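Whether DEP even applies to a 32-bit process depends on the image being linked with /NXCOMPAT, which is recorded in the PE optional header's DllCharacteristics field. The following added example (not from the video or the GuidedHacking article) parses that field from a PE file so a defender can check which binaries would run without DEP under the default OptIn system policy; the constructed header bytes are test input, not a real executable.

```python
import struct

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040   # ASLR opt-in
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100      # DEP opt-in (/NXCOMPAT)
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B

def pe_mitigation_flags(data: bytes) -> dict:
    """Parse DllCharacteristics from a PE image and report its DEP/ASLR opt-in state."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]          # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                                          # 20-byte COFF file header
    _machine, _nsec, _ts, _symtab, _nsym, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                              # optional header follows COFF header
    if opt_size < 72 or len(data) < opt + 72:
        raise ValueError("optional header too short")
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (PE32_MAGIC, PE32PLUS_MAGIC):
        raise ValueError(f"unknown optional header magic {magic:#x}")
    # DllCharacteristics sits at offset 70 in both the PE32 and the PE32+ optional header
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    return {
        "pe32plus": magic == PE32PLUS_MAGIC,
        "nx_compat": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "dynamic_base": bool(dll_chars & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE),
    }

def dep_expected_by_default(flags: dict) -> bool:
    """64-bit processes always run with DEP; under the default OptIn policy a 32-bit
    process gets DEP only if its image is linked /NXCOMPAT."""
    return flags["pe32plus"] or flags["nx_compat"]

def build_test_image(dll_chars: int, pe32plus: bool = False) -> bytes:
    """Constructed minimal PE header for testing; only the fields parsed above are meaningful."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                     # e_lfanew: PE header right after DOS header
    opt_size = 240 if pe32plus else 224
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C, 0, 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<H", opt, 70, dll_chars)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    for chars in (0x0000, 0x0040, 0x0140):
        f = pe_mitigation_flags(build_test_image(chars))
        print(f"DllCharacteristics={chars:#06x} -> {f}, DEP by default: {dep_expected_by_default(f)}")
```

To check a real binary, pass `open(path, "rb").read()` to `pe_mitigation_flags`; an image that reports `nx_compat: False` and is 32-bit is one where a DEP bypass like the one in this video is not even needed.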

Follow us on Facebook : http://bit.ly/2vvHfhk
Follow us on Twitter : http://bit.ly/3bC7J1i
Follow us on Twitch  : http://bit.ly/39ywOZ2
Follow us on Reddit  : http://bit.ly/3bvOB57
Follow us on GitHub  : http://bit.ly/2HoNXIS
Follow us on Instagram : http://bit.ly/2SoDOlu

Exploit Development 4 - DEP Bypass
Published 2 years ago, on 1401/09/05.
9,066 views