How to detect hardware-based DEP status
4.83/5 (7 votes)
Detect hardware-based DEP status.
Introduction
Everybody knows that there are two forms of DEP: hardware-based and software-based. Hardware-based DEP needs support from the CPU materialized by a so-called NX bit (non-executable bit). After AMD decided to include this functionality in its AMD64 family, Intel introduced a similar feature called Execute Disable Bit (XD) in x86 processors beginning with the Pentium 4 processors based on later iterations of the Prescott core.
Background
To find out if your CPU supports DEP, try the excellent program SecurAble. I could’t find the source code in C++. So I wrote a function in this article to detect hardware-based DEP status.
Using the code
bool detect_hardbased_DEP_status();//TRUE,HardwareBased_EDP is enable,or,disabled.
bool detect_hardbased_DEP_status()
{
HRESULT hres;
//
// Step 1: --------------------------------------------------
// Initialize COM. ------------------------------------------
//
hres = CoInitializeEx(0, COINIT_MULTITHREADED);
if (FAILED(hres))
{
//cout << "Failed to initialize COM library. Error code = 0x"
// << hex << hres << endl;
return 1; // Program has failed.
}
//
// Step 2: --------------------------------------------------
// Set general COM security levels --------------------------
// Note: If you are using Windows 2000, you need to specify -
// the default authentication credentials for a user by using
// a SOLE_AUTHENTICATION_LIST structure in the pAuthList ----
// parameter of CoInitializeSecurity ------------------------
//
hres = CoInitializeSecurity(
NULL,
-1, // COM authentication
NULL, // Authentication services
NULL, // Reserved
RPC_C_AUTHN_LEVEL_DEFAULT, // Default authentication
RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
NULL, // Authentication info
EOAC_NONE, // Additional capabilities
NULL // Reserved
);
//
//
if (FAILED(hres))
{
//cout << "Failed to initialize security. Error code = 0x"
// << hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
//
// Step 3: ---------------------------------------------------
// Obtain the initial locator to WMI -------------------------
//
IWbemLocator *pLoc = NULL;
//
hres = CoCreateInstance(
CLSID_WbemLocator,
0,
CLSCTX_INPROC_SERVER,
IID_IWbemLocator, (LPVOID *) &pLoc);
//
if (FAILED(hres))
{
//cout << "Failed to create IWbemLocator object."
// << " Err code = 0x"
// << hex << hres << endl;
CoUninitialize();
return 1; // Program has failed.
}
//
// Step 4: -----------------------------------------------------
// Connect to WMI through the IWbemLocator::ConnectServer method
//
IWbemServices *pSvc = NULL;
//
// Connect to the root\cimv2 namespace with
// the current user and obtain pointer pSvc
// to make IWbemServices calls.
hres = pLoc->ConnectServer(
_bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
NULL, // User name. NULL = current user
NULL, // User password. NULL = current
0, // Locale. NULL indicates current
NULL, // Security flags.
0, // Authority (e.g. Kerberos)
0, // Context object
&pSvc // pointer to IWbemServices proxy
);
//
if (FAILED(hres))
{
//cout << "Could not connect. Error code = 0x"
// << hex << hres << endl;
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
//
//cout << "Connected to ROOT\\CIMV2 WMI namespace" << endl;
//
//
// Step 5: --------------------------------------------------
// Set security levels on the proxy -------------------------
//
hres = CoSetProxyBlanket(
pSvc, // Indicates the proxy to set
RPC_C_AUTHN_WINNT, // RPC_C_AUTHN_xxx
RPC_C_AUTHZ_NONE, // RPC_C_AUTHZ_xxx
NULL, // Server principal name
RPC_C_AUTHN_LEVEL_CALL, // RPC_C_AUTHN_LEVEL_xxx
RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
NULL, // client identity
EOAC_NONE // proxy capabilities
);
//
if (FAILED(hres))
{
// cout << "Could not set proxy blanket. Error code = 0x"
// << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
//
// Step 6: --------------------------------------------------
// Use the IWbemServices pointer to make requests of WMI ----
//
// For example, get the name of the operating system
IEnumWbemClassObject* pEnumerator = NULL;
hres = pSvc->ExecQuery(
bstr_t("WQL"),
bstr_t("SELECT * FROM Win32_OperatingSystem"),
WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY,
NULL,
&pEnumerator);
//
if (FAILED(hres))
{
//cout << "Query for operating system name failed."
// << " Error code = 0x"
// << hex << hres << endl;
pSvc->Release();
pLoc->Release();
CoUninitialize();
return 1; // Program has failed.
}
//
// Step 7: -------------------------------------------------
// Get the data from the query in step 6 -------------------
//
IWbemClassObject *pclsObj;
ULONG uReturn = 0;
//
bool HardWare_Based_DEP_enabled;
//
while (pEnumerator)
{
HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1,
&pclsObj, &uReturn);
//
if(0 == uReturn)
{
break;
}
//
VARIANT vtProp;
//
// Get the value of the Name property
//hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
//wcout << " OS Name : " << vtProp.bstrVal << endl;
//
hr = pclsObj->Get(L"DataExecutionPrevention_Available", 0, &vtProp, 0, 0);
HardWare_Based_DEP_enabled=vtProp.boolVal;
//
VariantClear(&vtProp);
//
pclsObj->Release();
}
//
// Cleanup
// ========
//
pSvc->Release();
pLoc->Release();
pEnumerator->Release();
//pclsObj->Release();
CoUninitialize();
//
return HardWare_Based_DEP_enabled; // Program successfully completed.
//
}//