lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <4332D295.1090904@gmail.com>
Date: Thu Sep 22 16:51:08 2005
From: bania.piotr at gmail.com (Piotr Bania)
Subject: Protty v.01A (beta) - shellcode execution
 protection library for Windows NT based systems

Hi,

For those who are interrested i have released Protty lib:

Protty is a ring 3 library developed to protect against
shellcode execution on Windows NT based systems. The full
description of the mechanism was published within the
Phrack magazine volume #63, available here:
http://www.phrack.org/phrack/63/p63-0x0f_NT_Shellcode_Prevention_Demystified.txt 

(sources of the initial release are also available) .
Currently Protty stops most known Windows shellcodes.
Moreover it can block some types of viruses which use
similiar methods as shellcodes do.



Main Protty v.01a (test phase) features are:

- Process Environment Block protection (currently 2 modules protection used)
- Structured Exception Handling protection
- Import section killing (currently main application only)
- Export section protection (currently 2 modules protection used)
- RtlEnterCrticialSection protecting (currently disabled)


available at: http://pb.specialised.info/all/protty/prott_packV01A.zip


best regards,
Piotr Bania


-- 
--------------------------------------------------------------------
Piotr Bania - <bania.piotr@...il.com> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://pb.specialised.info  - Key ID: 0xBE43AC33
--------------------------------------------------------------------

                           " Dinanzi a me non fuor cose create
                             se non etterne, e io etterno duro.
                             Lasciate ogne speranza, voi ch'intrate "
                                           - Dante, Inferno Canto III

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ