Delphi DEP 닫기(2008/xp sp3?)

자세히 보기
DEP는 특정 작업을 보호하는 경우가 있으며, 특정 클래스의 hack 작업 코드를 사용할 때 오류가 발생합니다! - -SetProcess DEPpolicy로 시스템의 DEP 설정을 덮어쓸 수 있습니다. but는 2008에만 적용되는 것 같고 xp sp3도 지원될 것 같습니다. (테스트 대기 중)
hk := GetModuleHandle('Kernel32.dll');

    if hk  INVALID_HANDLE_VALUE then begin

      @GetSystemDEPPolicy := GetProcAddress(hK, 'GetSystemDEPPolicy');

      if @GetSystemDEPPolicy  nil then begin

        policy := GetSystemDEPPolicy();

        if (policy = 1) or (policy = 3) then begin

          @SetProcessDEPPolicy := GetProcAddress(hK, 'SetProcessDEPPolicy');

          if @SetProcessDEPPolicy  nil then begin

            SetProcessDEPPolicy(0);

          end;

        end;

      end;

    end;

 
나중에 chromium에서 DEP와 관련된 재미있는 물건을 찾았는데 빌려서 썼어요. 테스트가 가능해요.
{
       DEP,   google     ,    delphi  
  http://src.chromium.org/viewvc/chrome/trunk/src/sandbox/src/dep.cc?view=markup
}
unit uDep;

interface
uses
  Windows;

type
  DepEnforcement = (
  // DEP is completely disabled.
    DEP_DISABLED,
  // DEP is permanently enforced.
    DEP_ENABLED,
  // DEP with support for ATL7 thunking is permanently enforced.
    DEP_ENABLED_ATL7_COMPAT
    );

function SetCurrentProcessDEP(enforcement: DepEnforcement): Boolean;

implementation
const
  PROCESS_DEP_ENABLE:DWORD = $00000001;
  PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION:DWORD = $00000002;
  MEM_EXECUTE_OPTION_ENABLE:DWORD = 1;
  MEM_EXECUTE_OPTION_DISABLE:DWORD = 2;
  MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION:DWORD = 4;
  MEM_EXECUTE_OPTION_PERMANENT:DWORD = 8;

type
  PROCESS_INFORMATION_CLASS = (ProcessExecuteFlags = $22);

  FnSetProcessDEPPolicy = function(dwFlags: DWORD): Boolean; WINAPI;
  FnNtSetInformationProcess = function(
    ProcessHandle: THANDLE;
    ProcessInformationClass: PROCESS_INFORMATION_CLASS;
    ProcessInformation: Pointer;
    ProcessInformationLength: LongWord): HResult;WINAPI;


function SetCurrentProcessDEP(enforcement: DepEnforcement): Boolean;
var
  SetProcessDEPPolicy: FnSetProcessDEPPolicy;
  NtSetInformationProcess: FnNtSetInformationProcess;
  hk: HMODULE;
  dep_flags: DWORD;
  hr: HRESULT;
begin
  Result := False;
  hk := GetModuleHandle('Kernel32.dll');
  if hk <> INVALID_HANDLE_VALUE then begin
    @SetProcessDEPPolicy := GetProcAddress(hK, 'SetProcessDEPPolicy');
    if @SetProcessDEPPolicy <> nil then begin
      case enforcement of
        DEP_DISABLED: dep_flags := 0;
        DEP_ENABLED: dep_flags := PROCESS_DEP_ENABLE or
          PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION;
        DEP_ENABLED_ATL7_COMPAT: dep_flags := PROCESS_DEP_ENABLE;
      else Exit;
      end;
      Result := SetProcessDEPPolicy(dep_flags);
    end;
  end;

  if Result = True then Exit;
  

  hk := GetModuleHandle('ntdll.dll');
  if hk <> INVALID_HANDLE_VALUE then begin
    @NtSetInformationProcess := GetProcAddress(hK, 'NtSetInformationProcess');
    if @NtSetInformationProcess <> nil then begin
      case enforcement of
        DEP_DISABLED: dep_flags := MEM_EXECUTE_OPTION_DISABLE;
        DEP_ENABLED: dep_flags := MEM_EXECUTE_OPTION_PERMANENT or
          MEM_EXECUTE_OPTION_ENABLE;

        DEP_ENABLED_ATL7_COMPAT: dep_flags := MEM_EXECUTE_OPTION_PERMANENT or
          MEM_EXECUTE_OPTION_ENABLE or
          MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION;

      else Exit;
      end;
      hr := NtSetInformationProcess(GetCurrentProcess(),
        ProcessExecuteFlags,
        @dep_flags,
        sizeof(dep_flags));
      if hr = S_OK then Result := True
      else Result := False;


    end;
  end;
end;

initialization
  SetCurrentProcessDEP(DEP_DISABLED);

end.
 

좋은 웹페이지 즐겨찾기