Dailydave mailing list archives
Non executable memory pages with AMD64 + XP SP2
From: Nicolas RUFF <nicolas.ruff () edelweb fr>
Date: Sun, 05 Dec 2004 22:09:57 +0100
Hello everybody, Did anyone out there have a chance to test non-executable memory pages on AMD64 + XP SP2 ? I sent a mail on Bugtraq a few weeks ago but I did not receive much support from the community. It seems to me that non-executable pages are never enabled (at least for basic user programs, such as "hello world" buffer overflow), unless you manually specify /PAE, despite: http://support.microsoft.com/kb/875352 If you read the small caps on AMD commercials in France, they say something like: "you must manually enable the Enhanced Virus Protectionfor each of your application to be fully protected". What is this supposed to mean ???
I suspect Microsoft went on a last-minute change, considering the number of software failing with non-executable pages (at least on my computer - e.g. nVidia userland interface). To sum up : 1/ 64-bit OS are not ready for production - if you ever tried to getdrivers for the Windows XP 64-bit edition (available from MSDN) you know what I mean.
2/ 64-bit OS are as fast as 32-bit OS (tested on Fedora 64 and XP 64). Applications will be running in 32-bit emulation mode for a long time and will not benefit from 64-bit processors either. 3/ 32-bit XP SP2 does not use non-executable memory pages (AFAIK). 4/ Shellcoders will benefit from new RIP-relative addressing, as M. Conover pointed out. So, could someone figure out a good reason why I spent $300 on this s*** ? (Not couting the motherboard and memory upgrade). Regards, - Nicolas RUFF ----------------------------------- Security Consultant EdelWeb (http://www.edelweb.fr/) Mail : nicolas.ruff (at) edelweb.fr ----------------------------------- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Non executable memory pages with AMD64 + XP SP2 Nicolas RUFF (Dec 05)
- RE: Non executable memory pages with AMD64 + XP SP2 Mike Bailey (Dec 05)
- <Possible follow-ups>
- RE: Non executable memory pages with AMD64 + XP SP2 Maynor, David (ISS Atlanta) (Dec 05)
- RE: Non executable memory pages with AMD64 + XP SP2 Maynor, David (ISS Atlanta) (Dec 05)
- Re: Non executable memory pages with AMD64 + XP SP2 Nicolas RUFF (Dec 06)
- RE: Non executable memory pages with AMD64 + XP SP2 Maynor, David (ISS Atlanta) (Dec 06)