Posted: Sun Oct 14, 2018 11:03 am Post subject:
Windows Data Execution Prevention (DEP) and Syringe
Subject description: Just a little experiment
Windows has this little thing called "Data Execution Prevention".
"Data Execution Prevention (DEP) helps protect against damage from viruses and other security threats."
Find it under "Performance Options" in the control panel. No idea what/where that'd be if your Windows is in some exotic language like Arabic.
Now for the actual issue: when I hit "Turn on DEP for all programs and services except those I select:" and then hit "Add..." to put Syringe in the exception list, I get this:
"This program must run with data execution prevention (DEP) enabled. You cannot turn off DEP for this program."
So either $###dows knows what Syringe does or programs can be forced to keep DEP on.
In any case, all the game EXEs, even the ones that won't be used, were added with no problems.
Here's the result:
It works with no problems.
EDIT: I retested with the YR EXEs out of the exceptions list, and Ares still worked.
This is either because the system has to restart first, or DEP doesn't work as advertised.
Be advised.
EDIT2: I restarted with all the YR EXEs removed from the excpetions list, and guess what: Ares still loads!
I guess MS never intended for their DEP to be any line of defense against EXE-alterings... But in that case, what is it even used for? QUICK_EDIT
Software DEP depends on the binary to be compiled in a certain way, this way doesn't exist in the MSVC version Westwood used, and didn't for years forward.
If you want to try if its working or not, try Thyme with ZH 1.04, latest build is here .
ZH is built in this certain way and should trip every possible DEP protection when Thyme is injected.
Hardware DEP depends on the CPU to allow enabling it.
Hardware DEP for the most part prevents changing flags of a binary section, like making a non-executable non-writable section executable and writable.
Ares doesn't manipulate data sections to make them executable, the Ares sections already have their proper flags and Ares doesn't alter the games flags, so it doesn't trip this trigger.
HW DEP is something we at CnCNet have hit ourselves which would happen if code strays into the data section, in a proper patch code should be in the code section, period.
There's likely some triggers still trippable with the it on for ares and the game, but those would be edge cases that would occur rarely. _________________ Tiberian Dawn, Red Alert, Tiberian Sun ,Red Alert 2,Renegade, Command & Conquer 3,Tiberium and Tiberium Wars and Westwood related image & video archive
https://picasaweb.google.com/113361105083292812413?noredirect=1
Skype live:tomsons26
Don't forget to state who are you otherwise i'll ignore the invite QUICK_EDIT
"Your computer's processsor supports hardware-based DEP." - Surface Bastard 2, i7-8560U @ 1.90 GHz 2.11 GHz (why the two Hz-speeds instead of just one?)
I'd mess with Thyme, but it's not like I have Generals anywhere. If it were compatible with Emperor's Xanadu engine tho...
Haven't fired up CnCNet a good while before turning on DEP for the lulz, don't think I'll get the time to until a few months later
I'll bump this thread again when I test out CnCNet, tell you what I'll find QUICK_EDIT
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum