FlameX
Mar 9 2008, 09:09 PM
QUOTE A New Zealand security researcher has published a software tool allowing attackers to quickly gain access to Windows systems via a Firewire port.
The tool, which can only be used by attackers with physical access to a system, comes shortly after the publication of research on gaining access to encrypted hard drives via physical access to memory.
Researcher Adam Boileau, a consultant with Immunity, originally demonstrated the access tool at a security conference in 2006, but decided not to release the code any further at the time. Two years later, however, nothing has been done toward fixing the problem, so he decided to go public.
"Yes, this means you can completely own any box whose Firewire port you can plug into in seconds," said Boileau in a recent blog entry.
An attacker must connect to the machine with a Linux system and a Firewire cable to run the tool.
The tool, called Winlockpwn, allows users to bypass Windows authorization, was originally demonstrated at Ruxcon in 2006 at a talk called "Hit By A Bus: Physical Access Attacks With Firewire".
At the time, Boileau also demonstrated some of the malicious uses of the tool, but said he wouldn't be releasing the code for those attacks.
The attack takes advantage of the fact that Firewire can directly read and write to a system's memory, adding extra speed to data transfer. According to Boileau, because this capability is built into Firewire, Microsoft doesn't consider the problem a standard bug.
On the other hand, Boileau said he feels PC users need to be more aware of the fact that their systems can be unlocked via Firewire.
"Yes, it's a feature, not a bug," Boileau stated. "Microsoft knows this. The OHCI-1394 spec knows this. People with Firewire ports generally don't."
Microsoft was not immediately available for comment. In the past the company has downplayed security problems that require physical access.
Firewire has become common on Windows systems in the past few years, and is especially prevalent on laptops.
Researcher Maximillian Dornseif demonstrated a similar exploit on Linux and Mac OS X systems at the CanSec conference in 2005, connecting to those systems via a malicious iPod and Firewire.
According to security researchers, the problem can be remedied by disabling Firewire when not in use.
Reply
coolcat50
Mar 9 2008, 10:02 PM
Wow! Thanks for posting this. I am not sure that this is the correct place to post it though unless it deals with PHP. I am a Windows/Linux user and need to watch out for this. I am not sure though that my computer has a Firewire port though. This is huge and dangerous.
Reply
Forbez
Mar 9 2008, 10:45 PM
Holy crap. Nice post, very intresting to see yet another program whereby hackers can hack you. Thanks for the heads up.
Reply
Inhuman
Mar 9 2008, 11:05 PM
My question is how does one find out if they have a Firewire port and how do I disable it if I do? I mean, I don't want my laptop hacked...especially since I'm on vista....
Reply
alex7h3pr0gr4m3r
Mar 10 2008, 05:50 AM
QUOTE(Inhuman @ Mar 9 2008, 03:05 PM)  My question is how does one find out if they have a Firewire port and how do I disable it if I do? I mean, I don't want my laptop hacked...especially since I'm on vista.... Well if your laptop had it it would have either the firewire symbol:  or this i1394 symbol next to it:  I don't know what you could do about disabling it, but I'm pretty sure that you would notice if somebody plugged a cable into your port of your laptop.
Reply
Inhuman
Mar 10 2008, 07:56 AM
Haha, yea probably. But I don't see those symbols anywhere, so I think I'm good for meow.  Thanks for the info. 
Reply
sonesay
Mar 10 2008, 08:11 AM
Hey flamex do you have the original source for this? The odds that you will have access to a machine with windows and firewire port is very slim. Most people wont leave their machines unattended. I wouldn't too worried unless your computer is a shared one where other people can jump on at anytime. Thanks for sharing the article by the way it was a good read.
Reply
FlameX
Mar 11 2008, 08:32 PM
QUOTE(sonesay @ Mar 10 2008, 01:41 PM) Hey flamex do you have the original source for this? The odds that you will have access to a machine with windows and firewire port is very slim. Most people wont leave their machines unattended. I wouldn't too worried unless your computer is a shared one where other people can jump on at anytime.
Thanks for sharing the article by the way it was a good read. hey buddy ... watever was ther in the article i have posted it .. that was it ... > in the article its written tht the hacker himself cant share a few things .. Well i read this in the PC WOrld magazine .. > if u want i ll pm u the link .. >
Reply
SpeedFX
Mar 16 2008, 04:11 PM
wow, didn't knew this man, thanks for posting this
Reply
Framp
May 26 2008, 03:05 PM
Wow! Pretty scary... if you use windows ] That's a huge vulnerabilty but I'm wondering how many laptops have a firewire port (not-apple laptops of course )
Reply
chappill
May 26 2008, 06:17 PM
Hahaha I was arguing with my family earlier today. I was telling them just how good Linux is and how crap (thus the small letter) windows was. None of them agreed saying that Linux was for the clever people and that all the guys at university use it, yet I'm 14 and i can use it better than they can use pen and paper! They have no idea what there on about and this is just proof that windows is dying, Long live Linux and Mac!
Reply
Recent Queries:--
bypass windows authentication via firewire - 62.90 hr back. (1)
Similar Topics
Keywords : windows hacked firewire- Compiling Php On Windows
- (5)
- Windows Login Credentials
- (0)
On an intranet I'm running php. apache and mysql. We use Windows logins. I have a form that
users can submit. This will require a login. I would prefer to use the windows login and passwords.
can I link to the windows authentication? The issue I see is when a user changes the password. My
link would need to update the password...
Php Escaped Control Characters And Windows
- they aren't working for me. (3)
In php coding, when you escape certain characters, they have an impact on the output of an
echo'd or printed string. ie "\r\n\t" should give you a new line and a tab before outputting the
content for a line of printing. They vary by OS, I know, but I have tried all the variations I can
think of and can't seem to control output using them. Believe me, I have tried multiple
variations and nothing works for me. I have checked the php.ini file for settings but I can't
find where you can modify them. So the question is : Where do i look to confirm the setting...
Parsing Html As Php
- and XAMPP as the server version on Windows (7)
On my Trap17 account here, I have an .htaccess file with the following declaration which (I think)
forces all html files to be parsed by the PHP Parsing engine and therefore I can insert snippets of
php scripts into html files. CODE AddType application/x-httpd-php .html .htm However, when I
add an .htaccess file to the local directory of the version of XAMPP on my local machine, it fails.
I have tried to add the .htaccess file to the htdocs folder and elsewhere, but it still doesn't
work to parse html through the php parser. Any ideas on how to get these htm...
Email Server Help Please
- I need noob detailed help on setting up a email server on windows XP (0)
Hello I would like to say thank you for any help you might give me. I'm new to Apache / PHP and
MySQL I have all them up and running propertly I think. I want to make a PHP online game and I need
to set up an email server so I can have and authincation system. When the player creates an account
I want the computer to email the player a link the have to click on to make there account active.
I have a Comcast 8mbits broadband connection My server is running at http://192.168.1.105 My
PHPinfo file is http://192.168.1.105/phpinfo.php My FormMail File http://192...
Create A Windows User Account
- (1)
hi, i am making an online registration scheme for my website for some webspace. i have got every
thing sorted out exsept for one thing. to acces the ftp service and upload files to there user space
i need to create a user account on the server for that user. is there a way to create a user account
on a windows operating system with php 5 installed. thanks, kvarnerexpress ...
Installing Apache + Php5 + Mysql
- On Windows Sistems (0)
We will use Apache 1.3.*, because it's not recommended that we run PHP on Apache 2.0 on wondows
sistems. First, download the following programs: - Apache 1.3.* - MySQL 4.1.9 - PHP 5.0.3 2.
Installation - Execute Apache's installation program and install it wherever you want, with the
default options. - Extract the MySQL database on the same folder of apache (the same folder than
htdocs) - Extract PHP on C:\php5 3. PHP Configurations Go to c:\php5 eand copy the file php5ts.dll
to the following folders, according to your windows: - c:\windows\system (on Windo...
Looking for windows, hacked, firewire
|
*SIMILAR VIDEOS*
Searching Video's for windows, hacked, firewire
*MORE FROM TRAP17.COM*
|
advertisement
|
|
