
dbk64.sys+700:
mov [dbk64.sys+800],1
ret
dbk_executeKernelMemory(dbk64.sys+700,0)
Kernel Driver No Execute Memory Page DEP?
Write assembly in kernel driver text page
I want to execute, but is there a DEP security problem?
I don't know how to bypass it.
Write -> CR0
Page Execute-> PTE FIX ??
How Kernel Driver Page DEP Bypass?
/////////////////////////////////
No SMEP (Windows 8.1~10)
Test OS: Win7~Win10 (screenshot: Win7)
https://www.unknowncheats.me/forum/general-programming-and-reversing/315666-changing-kernel-page-protection.html
https://j00ru.vexillium.org/2011/06/smep-what-is-it-and-how-to-beat-it-on-windows/
(DEP is also applied to drivers in kernel mode. DEP for memory regions in kernel mode cannot be selectively enabled or disabled.
On 32-bit versions of Windows, DEP is applied to the stack by default. This differs from kernel-mode DEP on 64-bit versions of
Windows, where the stack, paged pool, and session pool have DEP applied.)
I don't know how to run on driver protected page
Is it impossible?