From: Thierry Zoller (ThierryZoller.lu)
Date: Mon Apr 02 2007 - 10:44:46 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Michal,

MM> You claim is just pointless. You CAN write
MM> reliable exploit for Harware NX DEP and youCAN take over whole system
MM> even in the IE Protected mode!!!!

Oh dear, my "claim is just pointless", the fact is, I have not made
such a claim, I have introduced the notion of Hardware DEP and Software
DEP, that's what I did and that's all. Some poeple don't realise there
is a difference between them I wanted to show them there is.

In otherwords, claiming it works with "DEP enabled" just because the
PoC worked on your software-DEP-enabled machine doesn't proof it works
on HW-enabled-machines, that was my point. That's my entire point, not
saying it can't be or is be done with Hardware DEP...get it ?

I never claimed it can't be done, actually within our company some do, so..
Try the current milworm PoCs on NX enforced CPUS

--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]