Metasploit mailing list archives
Data Execution Protection and compromised machine
From: jeffs at speakeasy.net (jeffs)
Date: Fri, 21 Nov 2008 11:04:04 -0500
thanks for that information -- the issue I'm having is I cannot get a command shell on the compromised machine to run execute commands through a channel because DEP has prevented me. But I'll keep this command handy in case I eventually do get that ever-so-important command line. David Kennedy wrote:
bcdedit.exe/set {current} nx AlwaysOff will disable it from the command line, a reboot is required. ------------------------------------------------------------------------ *From: *jeffs <jeffs at speakeasy.net> *Reply-To: *<jeffs at speakeasy.net> *Date: *Fri, 21 Nov 2008 10:52:08 -0500 *To: *<framework at spool.metasploit.com> *Subject: *[framework] Data Execution Protection and compromised machine To stop data execution protection in windows machines with it on by default (I notice this interferes with migrating processes although not with getting meterpreter installed and running) you can edit the boot.ini -- is this the standard way to turn this off so we can proceed further with the exploitation? That does require a reboot and I'm wondering if there is another non-reboot method. _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081121/ea4cbc3a/attachment.htm>
Current thread:
- Data Execution Protection and compromised machine jeffs (Nov 21)
- <Possible follow-ups>
- Data Execution Protection and compromised machine jeffs (Nov 21)