nav #navigation ul.menu li:hover .dropmenu {display:block;} .head-menu nav .sub-menu-wrapper { top: 28px; } .head-menu nav .menu-item:hover .sub-menu-wrapper { display: block; }

Search Blog

#infosec #OWASP
#Risk Management #microservices
#Application Security #Cybersecurity #AI #DevSecOps

Security Blog

Murder of Cybersecurity by Legacy Applications

September 21, 2018

Hacking WordPress for Fun and Profit, Part 1

September 13, 2018

Databreaches: Hardening Data Protection on Your Web Servers

September 6, 2018

Spencer Young Uncovers the Future of Application Security, AI and Cybercrime

September 5, 2018

Human Factor - Achilles' heel of Sensitive Data Exposure

August 30, 2018

News and press releases

High-Tech Bridge joins the British-Swiss Chamber of Commerce

July 17, 2018

High-Tech Bridge launches VAR partnership program for ImmuniWeb® AI

June 13, 2018

High-Tech Bridge is the Winner of SC Awards Europe 2018

June 6, 2018

High-Tech Bridge supports OWASP as a Corporate Member

April 10, 2018

High-Tech Bridge named a Finalist at SC Awards Europe 2018

April 5, 2018

High-Tech Bridge > Security Blog

Defeating Data Execution Prevention and ASLR in Windows

Monday, June 27, 2011 By Brian Mariani

Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.

Author: Brian Mariani, Senior Security Auditor at High-Tech Bridge SA

Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.

Defeating Data Execution Prevention and ASLR in Windows

PDF: Defeating Data Execution Prevention and ASLR in Windows (1,3 MB)

Defeating Data Execution Prevention and ASLR in Windows

Video: Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

Video: Tracing the Exploit
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

HeapCreate.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VirtualAllocandWriteProcessMemory.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VirtualProtect.asm
Defeating Data Execution Prevention and ASLR in Windows

Defeating Data Execution Prevention and ASLR in Windows

VulnerableServer.cpp

Tags: ASLR DEP Windows

Previous Blog Posts:

Structured Exception Handler Exploitation Fake Malware and Virus Scanners

User Comments

Share