DEP (Data Execution Prevention) is a Windows memory protection. DEP works by making the stack of a Windows application non-executable, so a payload placed on the stack is not allowed to execute. However, DEP can be bypassed with some methods that are available in the Win32 API.
Some methods to bypass DEP
VirtualProtect()
The VirtualProtect function changes the access protection of a memory region in the calling process, making it readable, writable, or executable.
http://msdn.microsoft.com/en-us/library/aa366898(VS.85).aspx
VirtualAlloc()
This function allocates new memory. One of its parameters specifies the execution/access level of the newly allocated memory, so the goal is to set that value to PAGE_EXECUTE_READWRITE.
http://msdn.microsoft.com/en-us/library/aa366887(VS.85).aspx
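From the defender's side, both calls can be recognised by the protection value they request. The following is an added example, not code from the original post: it scans constructed trace lines and flags requests for memory that is writable and executable at once, or a writable region later made executable. The log format, addresses and the name review_trace are assumptions made for illustration; the protection constants are the ones defined in winnt.h.

```python
import re

# Base protection values from winnt.h (modifiers such as PAGE_GUARD sit above 0xFF).
EXEC = {0x10, 0x20, 0x40, 0x80}   # PAGE_EXECUTE, _READ, _READWRITE, _WRITECOPY
WRITE = {0x04, 0x08, 0x40, 0x80}  # PAGE_READWRITE, PAGE_WRITECOPY, and the two above

# Constructed sample input in a hypothetical API-monitor log format.
SAMPLE_TRACE = """\
pid=4120 api=VirtualAlloc addr=0x00a30000 size=0x1000 protect=0x04
pid=4120 api=VirtualProtect addr=0x0012f000 size=0x1000 protect=0x40
pid=4120 api=VirtualAlloc addr=0x00b40000 size=0x2000 protect=0x40
pid=4120 api=VirtualProtect addr=0x00a30000 size=0x1000 protect=0x20
pid=4120 api=VirtualProtect addr=0x00c50000 size=0x1000 protect=0x02
"""

LINE = re.compile(
    r"pid=(\d+) api=(VirtualAlloc|VirtualProtect) "
    r"addr=(0x[0-9a-f]+) size=(0x[0-9a-f]+) protect=(0x[0-9a-f]+)"
)

def review_trace(trace):
    """Return (api, addr, reason) for each call that weakens DEP for a region."""
    findings = []
    writable = set()  # (pid, addr) regions last seen writable but not executable
    for raw in trace.splitlines():
        m = LINE.fullmatch(raw.strip())
        if not m:
            continue  # ignore lines that are not in the assumed format
        pid, api, addr, _size, prot = m.groups()
        base = int(prot, 16) & 0xFF  # drop PAGE_GUARD / PAGE_NOCACHE modifiers
        key = (pid, addr)
        if base in EXEC and base in WRITE:
            findings.append((api, addr, "RWX"))    # writable and executable at once
        elif base in EXEC and key in writable:
            findings.append((api, addr, "W->X"))   # written first, then made executable
        if base in WRITE and base not in EXEC:
            writable.add(key)
        else:
            writable.discard(key)
    return findings

if __name__ == "__main__":
    for finding in review_trace(SAMPLE_TRACE):
        print(finding)
```
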