Skorpinok Rover Posted November 9, 2013 Share Posted November 9, 2013 (edited) Hello, Seriously u need to check this fucker. http://www.breaknenter.org/projects/inception/ Regards Skorpinok Edited November 9, 2013 by Skorpinok W7PC Quote Link to comment Share on other sites More sharing options...
digip Posted November 9, 2013 Share Posted November 9, 2013 (edited) Not to burst your bubble, but Firewire has been known, to allow any machine, locked screens or not, to have access to direct memory dumps, which contain domain hashes, login credentials, unencrypted file shares or true crypt volumes keys, etc. This has been an issue for as long as Firewire has existed as far as I recall(don't quote me on that), and I think Chris from SecuraBit did a segment on tools that can take a memory dump/image using forensics tools freely available for download on Hak5 before they moved to California. That I think was over 4, maybe 5 years ago or longer at the old hak-house? The link above though, does bring up a good topic; the fact that physical access to insecure hardware protocols and devices, pose real threats to companies, private citizens, governments, infrastructure, etc. If I'm not mistaken (and could be) its also possible to boot off firewire depending on the bios setup, but I look at this like Kos's otg cable hacks for mobile devices. Physical access being key here, there are probably a lot more things one could do if they had unfettered access to a machine with the right tools. They make tools, that can read and write to firmware/ROM chips as well(without jtag soldering needed for cable access from a PC), so things like cable modems with encryption keys/certs, configs, can be accessed, changed, modified, locked down, etc, so I see this as no difference other than the protocol and medium for attack. Physical access isn't always game over, but it sure isn't bullet proof by any means. Edited November 9, 2013 by digip Quote Link to comment Share on other sites More sharing options...
no42 Posted November 9, 2013 Share Posted November 9, 2013 Yep, brings back fond memories of April 2008 ;) Quote Link to comment Share on other sites More sharing options...
barry99705 Posted November 16, 2013 Share Posted November 16, 2013 Yep, brings back fond memories of April 2008 ;) More like 2004. I remember when this came out. Never did get around to seeing if I could duplicate it. http://pi1.informatik.uni-mannheim.de/filepool/presentations/0wned-by-an-ipod-hacking-by-firewire.pdf Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.