What are some ways that Data Execution Prevention can be bypassed? I would appreciate it if someone could go in depth on how it would work.
- Welcome to Stack Overflow Daniel. This forum does not handle broad requests like this or "Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it." – micstr Nov 03 '16 at 06:57
- @micstr I never asked to be recommended anything off-site. My problem is that I don't know how DEP can be bypassed, and to solve it, I have asked this question. – Daniel41550 Nov 03 '16 at 07:34
- I was just pointing out that broad questions like this without source code tend not to get good responses (see http://stackoverflow.com/help/on-topic). Let's hope you get some response. Whilst you wait - have you looked at http://security.stackexchange.com/search?q=DEP or http://stackoverflow.com/questions/15581581/how-to-disable-dep? – micstr Nov 03 '16 at 08:22
- @micstr Thank you for showing me that! – Daniel41550 Nov 03 '16 at 08:24
- JIT spraying can bypass DEP. See http://stackoverflow.com/questions/28840087/why-cant-javascript-shellcode-exploits-be-fixed-via-data-execution-prevention/29171692#29171692 – Ortomala Lokni Nov 06 '16 at 21:41
1 Answer
I think this is a hard question.
I am not sure whether you are asking to disable it or bypass it.
If you want to disable it, compile it with the -z execstack parameter, like the following command:

    gcc main.c -z execstack

If you want to bypass it, you could try a technique called ROP.

Weibo Chen
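A check related to the -z execstack flag mentioned in the answer above, added here as an example and not part of the original post: it reads an ELF file's PT_GNU_STACK program header to tell whether the binary was linked with an executable stack. The names stack_is_executable and build_sample are hypothetical, the sample bytes are constructed, and only 64-bit little-endian ELF is handled.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header type that records stack permissions
PF_X = 0x1                 # "executable" bit in p_flags (PF_W = 0x2, PF_R = 0x4)


def stack_is_executable(elf: bytes):
    """Return True/False from PT_GNU_STACK, or None if that header is absent."""
    if len(elf) < 0x40 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if elf[4] != 2 or elf[5] != 1:
        raise ValueError("only 64-bit little-endian ELF is handled here")
    (e_phoff,) = struct.unpack_from("<Q", elf, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", elf, 0x36)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 8 > len(elf):
            raise ValueError("truncated program header table")
        # In ELF64 the first two 32-bit fields of a program header are type, flags.
        p_type, p_flags = struct.unpack_from("<II", elf, off)
        if p_type == PT_GNU_STACK:
            return bool(p_flags & PF_X)
    return None  # no marker: stack permissions depend on the kernel/arch default


def build_sample(stack_flags: int) -> bytes:
    """Constructed minimal ELF64 header plus PT_LOAD and PT_GNU_STACK entries."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH",
                               2, 0x3E, 1, 0, 0x40, 0, 0, 0x40, 56, 2, 0, 0, 0)
    load = struct.pack("<IIQQQQQQ", 1, 5, 0, 0, 0, 0, 0, 0x1000)
    stack = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ehdr + load + stack


if __name__ == "__main__":
    # Constructed inputs: RW (0x6) as a default link produces, RWE (0x7) as
    # produced by linking with -z execstack.
    for label, flags in (("default link", 0x6), ("-z execstack", 0x7)):
        print(label, "->", stack_is_executable(build_sample(flags)))
```

To audit a real file, pass its bytes, for example stack_is_executable(open("a.out", "rb").read()).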