Bugtraq mailing list archives
Re: [Full-disclosure] Firewire Attack on Windows Vista
From: FD <fd () cms ac>
Date: Mon, 10 Mar 2008 19:50:28 +0100
How much should the average user worry about this? Not very much. Most notebooks from average users don't even have Firewire on them and you would have an easier time cracking them with a dictionary attack on the password and other such things, which means that this attack makes you no more vulnerable to compromise if you've already granted physical access than you were before.
you don't need a firewire port on your laptop, a pcmcia slot is enough where an attacker inserts a firewire card. but still.. it's a physical access attack.. regarding your other email:
OK, I guess I misunderstood the original paper (http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks .pdf). It now looks to me like they are claiming they can disable password authentication *even while the system is not logged on* - do I have that right?
yes, if the system is off and you can turn it on (e.g. no bios or hdd encryption passwords) you can bypass the logon screen. this is because the tool searches for the function "MsvpPasswordValidate" in memory and patches it to allow any password. FD
Current thread:
- Re: [Full-disclosure] Firewire Attack on Windows Vista, (continued)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 10)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Jacob Appelbaum (Mar 11)
- Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Stefan Kanthak (Mar 10)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Ansgar -59cobalt- Wiechers (Mar 10)
- Re: Firewire Attack on Windows Vista Steve Shockley (Mar 11)
- Re: Firewire Attack on Windows Vista Stefan Kanthak (Mar 13)
- Re: [Full-disclosure] Firewire Attack on Windows Vista FD (Mar 11)
- RE: Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- Re: Firewire Attack on Windows Vista Tonnerre Lombard (Mar 07)
- Re: Firewire Attack on Windows Vista Nathanael Hoyle (Mar 07)