Jump to content

Inception - Firewire exploitation Tool *


Skorpinok Rover

Recommended Posts

Not to burst your bubble, but Firewire has been known, to allow any machine, locked screens or not, to have access to direct memory dumps, which contain domain hashes, login credentials, unencrypted file shares or true crypt volumes keys, etc. This has been an issue for as long as Firewire has existed as far as I recall(don't quote me on that), and I think Chris from SecuraBit did a segment on tools that can take a memory dump/image using forensics tools freely available for download on Hak5 before they moved to California. That I think was over 4, maybe 5 years ago or longer at the old hak-house?

The link above though, does bring up a good topic; the fact that physical access to insecure hardware protocols and devices, pose real threats to companies, private citizens, governments, infrastructure, etc. If I'm not mistaken (and could be) its also possible to boot off firewire depending on the bios setup, but I look at this like Kos's otg cable hacks for mobile devices. Physical access being key here, there are probably a lot more things one could do if they had unfettered access to a machine with the right tools. They make tools, that can read and write to firmware/ROM chips as well(without jtag soldering needed for cable access from a PC), so things like cable modems with encryption keys/certs, configs, can be accessed, changed, modified, locked down, etc, so I see this as no difference other than the protocol and medium for attack. Physical access isn't always game over, but it sure isn't bullet proof by any means.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...