Data Execution Protection and compromised machine

[jeffs at speakeasy.net (jeffs)]

thanks for that information -- the issue I'm having is I cannot get a 
command shell on the compromised machine to run execute commands through 
a channel because DEP has prevented me.  But I'll keep this command 
handy in case I eventually do get that ever-so-important command line.

David Kennedy wrote:
> bcdedit.exe/set {current} nx AlwaysOff will disable it from the 
> command line, a reboot is required.
>
>
> ------------------------------------------------------------------------
> *From: *jeffs <jeffs at speakeasy.net>
> *Reply-To: *<jeffs at speakeasy.net>
> *Date: *Fri, 21 Nov 2008 10:52:08 -0500
> *To: *<framework at spool.metasploit.com>
> *Subject: *[framework] Data Execution Protection and compromised machine
>
> To stop data execution protection in windows machines with it on by
> default (I notice this interferes with migrating processes although not
> with getting meterpreter installed and running) you can edit the
> boot.ini -- is this the standard way to turn this off so we can proceed
> further with the exploitation?
>
> That does require a reboot and I'm wondering if there is another
> non-reboot method.
>
>
> _______________________________________________
> http://spool.metasploit.com/mailman/listinfo/framework

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081121/ea4cbc3a/attachment.htm>