Project Perfect Mod Forums
:: Home :: Get Hosted :: PPM FAQ :: Forum FAQ :: Privacy Policy :: Search :: Memberlist :: Usergroups :: Register :: Profile :: Log in to check your private messages :: Log in ::


The time now is Thu Mar 28, 2024 12:25 pm
All times are UTC + 0
Windows Data Execution Prevention (DEP) and Syringe
Moderators: Ares Support Team at PPM, Global Moderators, Red Alert 2 Moderators
Post new topic   Reply to topic Page 1 of 1 [3 Posts] Mark the topic unread ::  View previous topic :: View next topic
Author Message
TAK02
General


Joined: 28 Jun 2015
Location: It was Damascus.

PostPosted: Sun Oct 14, 2018 11:03 am    Post subject:  Windows Data Execution Prevention (DEP) and Syringe
Subject description: Just a little experiment
Reply with quote  Mark this post and the followings unread

Windows has this little thing called "Data Execution Prevention".

"Data Execution Prevention (DEP) helps protect against damage from viruses and other security threats."

Find it under "Performance Options" in the control panel. No idea what/where that'd be if your Windows is in some exotic language like Arabic. #Tongue

Now for the actual issue: when I hit "Turn on DEP for all programs and services except those I select:" and then hit "Add..." to put Syringe in the exception list, I get this:

"This program must run with data execution prevention (DEP) enabled. You cannot turn off DEP for this program."

So either $###dows knows what Syringe does or programs can be forced to keep DEP on.
In any case, all the game EXEs, even the ones that won't be used, were added with no problems.

Here's the result:

It works with no problems.

EDIT: I retested with the YR EXEs out of the exceptions list, and Ares still worked.
This is either because the system has to restart first, or DEP doesn't work as advertised.
Be advised.

EDIT2: I restarted with all the YR EXEs removed from the excpetions list, and guess what: Ares still loads!
I guess MS never intended for their DEP to be any line of defense against EXE-alterings... But in that case, what is it even used for?

Back to top
View user's profile Send private message Send e-mail Visit poster's website ModDB Profile ID YouTube User URL Twitter Channel URL Skype Account
tomsons26lv
Cyborg Artillery


Joined: 30 Dec 2009
Location: Latvia

PostPosted: Sun Oct 14, 2018 12:55 pm    Post subject: Reply with quote  Mark this post and the followings unread

Software DEP depends on the binary to be compiled in a certain way, this way doesn't exist in the MSVC version Westwood used, and didn't for years forward.
If  you want to try if its working or not, try Thyme with ZH 1.04, latest build is here .
ZH is built in this certain way and should trip every possible DEP protection when Thyme is injected.

Hardware DEP depends on the CPU to allow enabling it.
Hardware DEP for the most part prevents changing flags of a binary section, like making a non-executable non-writable section executable and writable.
Ares doesn't manipulate data sections to make them executable, the Ares sections already have their proper flags and Ares doesn't alter the games flags, so it doesn't trip this trigger.

HW DEP is something we at CnCNet have hit ourselves which would happen if code strays into the data section, in a proper patch code should be in the code section, period.

There's likely some triggers still trippable with the it on for ares and the game, but those would be edge cases that would occur rarely.

_________________
Tiberian Dawn, Red Alert, Tiberian Sun ,Red Alert 2,Renegade, Command & Conquer 3,Tiberium and Tiberium Wars and Westwood related image & video archive
https://picasaweb.google.com/113361105083292812413?noredirect=1

Skype live:tomsons26
Don't forget to state who are you otherwise i'll ignore the invite

Back to top
View user's profile Send private message Visit poster's website
TAK02
General


Joined: 28 Jun 2015
Location: It was Damascus.

PostPosted: Fri Oct 19, 2018 1:30 pm    Post subject: Reply with quote  Mark this post and the followings unread

BUMP:

"Your computer's processsor supports hardware-based DEP." - Surface Bastard 2, i7-8560U @ 1.90 GHz 2.11 GHz (why the two Hz-speeds instead of just one?)

I'd mess with Thyme, but it's not like I have Generals anywhere. If it were compatible with Emperor's Xanadu engine tho... #Tongue

Haven't fired up CnCNet a good while before turning on DEP for the lulz, don't think I'll get the time to until a few months later #Tongue
I'll bump this thread again when I test out CnCNet, tell you what I'll find Smile

Back to top
View user's profile Send private message Send e-mail Visit poster's website ModDB Profile ID YouTube User URL Twitter Channel URL Skype Account
Display posts from previous:   
Post new topic   Reply to topic Page 1 of 1 [3 Posts] Mark the topic unread ::  View previous topic :: View next topic
 
Share on TwitterShare on FacebookShare on Google+Share on DiggShare on RedditShare on PInterestShare on Del.icio.usShare on Stumble Upon
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © phpBB Group

[ Time: 0.1433s ][ Queries: 11 (0.0083s) ][ Debug on ]