Re: Firewire vulnerability applicable on FreeBSD?
--LQksG6bCIzRHxTLp
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Mar 22, 2008 at 07:12:09PM +0100, Jeremie Le Hen wrote:
> Hi there,
>=20
> I've stumbled on this article. I wonder if this is applicable to
> FreeBSD. Would it still be possible to exploit it without a firewire
> driver?
>=20
> http://www.dailytech.com/Lock+Your+Workstations+Or+Not+New+Tool+Bypasses+=
Windows+Logon/article10972.htm
>=20
> =AB The tool is a simple, 200-line script written in the Python
> programming language exploits features built into Firewire that allow
> direct access to a computer's memory. By targeting specific places that
> Windows consistently stores its vital authentication functions,
> Boileau's tool is able to overwrite Windows' secured code with patches
> that skip Windows' password check entirely. =BB
>=20
It is, and FreeBSD was used in a proof of concept for reading passwords
via FireWire some years ago (see http://md.hudora.de/presentations/ for
sample Python code). In CURRENT and RELENG_7, there's a tunable to
disable physical access, see fwohci(4), it should probably be ported back
to RELENG_6.
- Christian
--=20
Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org
GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
--LQksG6bCIzRHxTLp
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
iD8DBQFH5m2KbHYXjKDtmC0RAiVXAKC6gSA6o2zsGIvnZ4Ig5cWa1JYMVACgxXbc
UQD7Y+S5wX7XXSI/qJK2bUo=
=ZR3m
-----END PGP SIGNATURE-----
--LQksG6bCIzRHxTLp--
討論串 (同標題文章)
完整討論串 (本文為第 3 之 4 篇):