Saturday, December 8, 2012

DEP Bypass Tutorial for Vulnserver

When Vulnserver was originally released I did say at the time that I would release a tutorial that covers the process of bypassing DEP. That was of course just before I started in a new job and my blog posting regularity pretty much dropped off the cliff. Well, the good news (for me, and for you too perhaps) is that now I don't have to write that tutorial, because someone else has already done it!

Check out the tutorial here. I've only given it a quick skim so far, but based on what I've seen it looks pretty good.

UPDATE 22/11/2013: Yeah, the link doesn't work any more, and I can't find any copies of this tutorial anywhere else on the web. I have my own DEP bypassing exploit for Vulnserver written, and a tutorial partly done, but it's probably a while away from completion given all the stuff I have going on at the moment. If people are really keen to see a DEP bypass tutorial, let me know and if there's enough interest I might be motivated to get it done a bit sooner...


  2. I found an amazing lesson talking about "ROP" with the same target => Vulnserver <=
    here -->
    or as a PDF version by me here:
    & I hope to see yours
    Thanks Stephen Bradshaw for all the tuts
    Best Regards

    1. Hello again Mr. Stephen Bradshaw (Lupin) ....
      Firstly: I want to thank you for your amazing tutorials .. here or at infosecinstitute

      They helped me a lot to learn exploit dev ..
      & I have some questions & suggestions !! Please ...

      Are you thinking about updating Vulnserver? To make new tuts??
      In other words:-

      1- Adding some vulnerable example codes such as heap overflows & format strings & integer overflows.

      2- More complicated & long headers .. I don't know a way to find it :(

      3- MITM code execution example (I can't find any tut on "Google" about MITM code exec).

      4- Add MSVC++ compiler protections and others ..

      5- What's new in Win 8 & 8.1

      6- Browser protection -> specially Google Chrome

      Are you thinking about posting new tuts about that?
      I hope you find some time to do this .. and I want to tell you about your way of explaining: it's perfect & helped beginners much more ..

      You can take examples from exploit exercises, that's very helpful, and use them for Windows
      Take a look -->

      Soon I will make your tuts as PDFs like what I do with "Mike Czumak"'s tuts (you can take a look here:

      PDFs folder here:

      If you continue your posts you can make a reference for Win exploitation


      Oh yeah .. about the original DEP bypass lesson on (violentpython)
      I found a shot at an archive site but it's not helpful
      he is using a script to auto-generate gadgets & the pics are not available

      If anyone wants it I will make it again for him & my question is:
      When will you post your DEP lesson?
      & which API did you use from the Corelan table?

      I can make a tut using "SetProcessDEPPolicy()"; I understand it very well from "Neox"
      He was an exploit developer at Romanian Security Team | RST & made special video tuts about
      (Win32 Exploit Development) --> in "Romanian language" but it's very helpful "I like this guy" ..
      He supported & helped me a lot ..

      His YouTube channel "metacom":-

      and now I'm studying this paper:
      "Bypassing DEP with WPM & ROP" By Sud0
      link:

      Thanks Stephen for your time ..
      Greetings ..

    2. Hi NO-MERCY

      The next thing I have planned is a web app with a number of complex cryptographic flaws to exploit. Tutorials on this will cover how to write scripts and web proxy (e.g. Burp Pro) plugins in order to automate detection and exploitation of these types of vulnerabilities.

      No ETA on that though, or on any further exploitation tutorials - I've got a few other things going on at the moment that are keeping me busy.

      What I may do is make the DEP exploit I have written for Vulnserver available somewhere - that way people at least have something to look at in lieu of a full tutorial.

  3. I'm interested in a DEP bypass tut. Thanks for sharing your knowledge.

  4. I would be interested in a DEP bypass tutorial that also teaches the reader how to write their own ROP chains, one instruction at a time, rather than just use to generate them. This would be way more informative and would help every beginning exploit writer to create their own chains and DEP bypass exploits, and would also lay the foundation for writing their own custom Win32 shellcode.