Bugtraq mailing list archives
Re: [Full-disclosure] Firewire Attack on Windows Vista
From: Tim <tim-security () sentinelchicken org>
Date: Thu, 6 Mar 2008 12:20:28 -0800
...Windows would not do this. It would only open up access to devicesthat it thought needed DMA. This is why Metlstorm had to make his Linux machine behave like an iPod to fool Windows into spreading it's legs. So the iPod software opens up the whole address space? I don't get it.
No, the iPod device signature makes Windows drivers think it should allow DMA access for that device because it detect it as a disk device. Other disk device signatures would likely work the same way, that's just the one he happened to emulate. tim
Current thread:
- Firewire Attack on Windows Vista Bernhard Mueller (Mar 05)
- Re: Firewire Attack on Windows Vista Thierry Zoller (Mar 05)
- RE: Firewire Attack on Windows Vista Roger A. Grimes (Mar 05)
- Re: Firewire Attack on Windows Vista Peter Watkins (Mar 06)
- RE: Firewire Attack on Windows Vista Larry Seltzer (Mar 06)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 07)
- Re: Firewire Attack on Windows Vista Peter Watkins (Mar 06)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 07)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Thor (Hammer of God) (Mar 07)
- Message not available
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)
- Re: [Full-disclosure] Firewire Attack on Windows Vista Tim (Mar 08)
- RE: [Full-disclosure] Firewire Attack on Windows Vista Larry Seltzer (Mar 08)