nav #navigation ul.menu li:hover .dropmenu {display:block;} .head-menu nav .sub-menu-wrapper { top: 28px; } .head-menu nav .menu-item:hover .sub-menu-wrapper { display: block; }

Search Blog

#infosec #OWASP
#Risk Management #microservices
#Application Security #Cybersecurity #AI #DevSecOps

Security Blog

OWASP’s #1 Web Application Risk - the Threat of and Solution to Web Application Injection Attacks

June 14, 2018

Dr. Jean-Marc Rickli about the future of AI

May 23, 2018

Robin Wilton about GDRP compliance, AI and IoT challenges

May 11, 2018

How to Protect Your Web Applications From XXE Attacks

May 8, 2018

Basic Steps for API Security

May 3, 2018

News and press releases

High-Tech Bridge launches VAR partnership program for ImmuniWeb® AI

June 13, 2018

High-Tech Bridge is the Winner of SC Awards Europe 2018

June 6, 2018

High-Tech Bridge supports OWASP as a Corporate Member

April 10, 2018

High-Tech Bridge named a Finalist at SC Awards Europe 2018

April 5, 2018

ImmuniWeb® Platform starts accepting payments in cryptocurrencies

January 30, 2018

High-Tech Bridge > Security Blog

Defeating Data Execution Prevention and ASLR in Windows

Monday, June 27, 2011 By Brian Mariani

Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.

Author: Brian Mariani, Senior Security Auditor at High-Tech Bridge SA

Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.

Defeating Data Execution Prevention and ASLR in Windows

PDF: Defeating Data Execution Prevention and ASLR in Windows (1,3 MB)

Defeating Data Execution Prevention and ASLR in Windows

Video: Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

Video: Tracing the Exploit
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

HeapCreate.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VirtualAllocandWriteProcessMemory.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VirtualProtect.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VulnerableServer.cpp

Tags: ASLR DEP Windows

Previous Blog Posts:

Structured Exception Handler Exploitation Fake Malware and Virus Scanners

User Comments

Share