How to detect hardware-based DEP status

Jim Charles

4.83/5 (7 votes)

5 Dec 2011CPOL

30K

466

Detect hardware-based DEP status.

Introduction

Everybody knows that there are two forms of DEP: hardware-based and software-based. Hardware-based DEP needs support from the CPU materialized by a so-called NX bit (non-executable bit). After AMD decided to include this functionality in its AMD64 family, Intel introduced a similar feature called Execute Disable Bit (XD) in x86 processors beginning with the Pentium 4 processors based on later iterations of the Prescott core.

Background

To find out if your CPU supports DEP, try the excellent program SecurAble. I could’t find the source code in C++. So I wrote a function in this article to detect hardware-based DEP status.

Using the code

C++

bool detect_hardbased_DEP_status();//TRUE,HardwareBased_EDP is enable,or,disabled.

bool detect_hardbased_DEP_status()
{
    HRESULT hres;
    //
    // Step 1: --------------------------------------------------
    // Initialize COM. ------------------------------------------
    //
    hres =  CoInitializeEx(0, COINIT_MULTITHREADED); 
    if (FAILED(hres))
    {
        //cout << "Failed to initialize COM library. Error code = 0x" 
        //    << hex << hres << endl;
        return 1;                  // Program has failed.
    }
    //
    // Step 2: --------------------------------------------------
    // Set general COM security levels --------------------------
    // Note: If you are using Windows 2000, you need to specify -
    // the default authentication credentials for a user by using
    // a SOLE_AUTHENTICATION_LIST structure in the pAuthList ----
    // parameter of CoInitializeSecurity ------------------------
    //
    hres =  CoInitializeSecurity(
        NULL, 
        -1,                          // COM authentication
        NULL,                        // Authentication services
        NULL,                        // Reserved
        RPC_C_AUTHN_LEVEL_DEFAULT,   // Default authentication 
        RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation  
        NULL,                        // Authentication info
        EOAC_NONE,                   // Additional capabilities 
        NULL                         // Reserved
        );
    //
    //                      
    if (FAILED(hres))
    {
        //cout << "Failed to initialize security. Error code = 0x" 
        //    << hex << hres << endl;
        CoUninitialize();
        return 1;                    // Program has failed.
    }
    //    
    // Step 3: ---------------------------------------------------
    // Obtain the initial locator to WMI -------------------------
    //
    IWbemLocator *pLoc = NULL;
    //
    hres = CoCreateInstance(
        CLSID_WbemLocator,             
        0, 
        CLSCTX_INPROC_SERVER, 
        IID_IWbemLocator, (LPVOID *) &pLoc);
    // 
    if (FAILED(hres))
    {
        //cout << "Failed to create IWbemLocator object."
        //    << " Err code = 0x"
        //    << hex << hres << endl;
        CoUninitialize();
        return 1;                 // Program has failed.
    }
    //
    // Step 4: -----------------------------------------------------
    // Connect to WMI through the IWbemLocator::ConnectServer method
    //
    IWbemServices *pSvc = NULL;
    // 
    // Connect to the root\cimv2 namespace with
    // the current user and obtain pointer pSvc
    // to make IWbemServices calls.
    hres = pLoc->ConnectServer(
         _bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
         NULL,                    // User name. NULL = current user
         NULL,                    // User password. NULL = current
         0,                       // Locale. NULL indicates current
         NULL,                    // Security flags.
         0,                       // Authority (e.g. Kerberos)
         0,                       // Context object 
         &pSvc                    // pointer to IWbemServices proxy
         );
    //    
    if (FAILED(hres))
    {
        //cout << "Could not connect. Error code = 0x" 
        //     << hex << hres << endl;
        pLoc->Release();     
        CoUninitialize();
        return 1;                // Program has failed.
    }
    //
    //cout << "Connected to ROOT\\CIMV2 WMI namespace" << endl;
    //
    //
    // Step 5: --------------------------------------------------
    // Set security levels on the proxy -------------------------
    //
    hres = CoSetProxyBlanket(
       pSvc,                        // Indicates the proxy to set
       RPC_C_AUTHN_WINNT,           // RPC_C_AUTHN_xxx
       RPC_C_AUTHZ_NONE,            // RPC_C_AUTHZ_xxx
       NULL,                        // Server principal name 
       RPC_C_AUTHN_LEVEL_CALL,      // RPC_C_AUTHN_LEVEL_xxx 
       RPC_C_IMP_LEVEL_IMPERSONATE, // RPC_C_IMP_LEVEL_xxx
       NULL,                        // client identity
       EOAC_NONE                    // proxy capabilities 
    );
    //
    if (FAILED(hres))
    {
       // cout << "Could not set proxy blanket. Error code = 0x" 
       //     << hex << hres << endl;
        pSvc->Release();
        pLoc->Release();     
        CoUninitialize();
        return 1;               // Program has failed.
    }
    //
    // Step 6: --------------------------------------------------
    // Use the IWbemServices pointer to make requests of WMI ----
    //
    // For example, get the name of the operating system
    IEnumWbemClassObject* pEnumerator = NULL;
    hres = pSvc->ExecQuery(
        bstr_t("WQL"), 
        bstr_t("SELECT * FROM Win32_OperatingSystem"),
        WBEM_FLAG_FORWARD_ONLY | WBEM_FLAG_RETURN_IMMEDIATELY, 
        NULL,
        &pEnumerator);
    //    
    if (FAILED(hres))
    {
        //cout << "Query for operating system name failed."
        //    << " Error code = 0x" 
        //    << hex << hres << endl;
        pSvc->Release();
        pLoc->Release();
        CoUninitialize();
        return 1;               // Program has failed.
    }
    //
    // Step 7: -------------------------------------------------
    // Get the data from the query in step 6 -------------------
    // 
    IWbemClassObject *pclsObj;
    ULONG uReturn = 0;
    //   
 bool HardWare_Based_DEP_enabled;
    //
    while (pEnumerator)
    {
        HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1, 
            &pclsObj, &uReturn);
        //
        if(0 == uReturn)
        {
            break;
        }
        //
        VARIANT vtProp;
        // 
        // Get the value of the Name property
  //hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
        //wcout << " OS Name : " << vtProp.bstrVal << endl;
        //
  hr = pclsObj->Get(L"DataExecutionPrevention_Available", 0, &vtProp, 0, 0);
  HardWare_Based_DEP_enabled=vtProp.boolVal;
        //
  VariantClear(&vtProp);
        //
        pclsObj->Release();
    }
    // 
    // Cleanup
    // ========
    //     
    pSvc->Release();
    pLoc->Release();
    pEnumerator->Release();
    //pclsObj->Release();
    CoUninitialize();
    // 
    return HardWare_Based_DEP_enabled;   // Program successfully completed.
    //  
}//

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)