Dailydave mailing list archives
Re: Non executable memory pages with AMD64 + XP SP2
From: Nicolas RUFF <nicolas.ruff () edelweb fr>
Date: Wed, 05 Jan 2005 19:46:58 +0100
> So with it enabled you are getting no errors if you attempt a stack-based overflow?
Yes, stack-based shellcodes will run fine unless I manually specify /PAE in the BOOT.INI file.
However, Microsoft is currently investigating the problem and I was in contact today with someone from there. At first glance it *might* be a problem with multi-boot systems.
Indeed my system is multi-booting Windows 2003 Server and Windows XP Pro (well ... you know, AMD64 is still expensive so I bought only one :-), so my NTLDR is the Windows 2003 version. From there you can deduce that PAE *might* be enabled by the Windows XP NTLDR when the /NoExecute parameter is detected, and not checked thereafter by NTOSKRNL.
I think I will run more tests this weekend and keep you informed.

Regards,
- Nicolas RUFF
-----------------------------------
Security Consultant
EdelWeb (http://www.edelweb.fr/)
Mail : nicolas.ruff (at) edelweb.fr
-----------------------------------