Dailydave mailing list archives

Re: Non executable memory pages with AMD64 + XP SP2


From: Nicolas RUFF <nicolas.ruff () edelweb fr>
Date: Wed, 05 Jan 2005 19:46:58 +0100

> So with it enabled you are getting no errors if you attempt a stack
> based overflow?

Yes, stack-based shellcodes will run fine unless I manually specify /PAE in the BOOT.INI file.

However, Microsoft is currently investigating the problem, and I was in contact today with someone from there. At first glance it *might* be a problem with multi-boot systems.

Indeed, my system is multi-booting Windows 2003 Server and Windows XP Pro (well ... you know, AMD64 is still expensive so I bought only one :-), so my NTLDR is the Windows 2003 version. From there you can infer that PAE *might* be enabled by the Windows XP NTLDR when the /NoExecute parameter is detected, and not checked thereafter by NTOSKRNL.

I think I will run more tests this weekend and keep you informed.

Regards,
- Nicolas RUFF
-----------------------------------
Security Consultant
EdelWeb (http://www.edelweb.fr/)
Mail : nicolas.ruff (at) edelweb.fr
-----------------------------------