BUSTICATING DEP

BUSTICATING DEP

Windows Data Execution Prevention is intended to hinder exploitation of memory corruption bugs by enforcing page permissions, thus preventing execution of shellcode from memory regions such as the stack or the heap. It turns out drraid doesn't like this, and has put together a talk on modern attacks on DEP so that we can keep sh*t moving. This talk covers old/lame techniques, as well as the modern and still effective techniques for beating DEP, and briefly discusses ASLR as well.

Presented by