|
Posted by kitten on March 4, 2008, 7:14 pm
If you were Registered and logged in, you could reply and use other advanced thread options
A security consultant based in New Zealand has released a tool that can
unlock Windows computers in seconds without the need for a password.
Adam Boileau first demonstrated the hack, which affects Windows XP
computers but has not yet been tested with Windows Vista, at a security
conference in Sydney in 2006, but Microsoft has yet to develop a fix.
Interviewed in ITRadio's Risky Business podcast, Boileau said the tool,
released to the public today, could "unlock locked Windows machines or
login without a password ... merely by plugging in your Firewire cable
and running a command".
Boileau, a consultant with Immunity Inc., said he did not release the
tool publicly in 2006 because "Microsoft was a little cagey about
exactly whether Firewire memory access was a real security issue or not
and we didn't want to cause any real trouble".
But now that a couple of years have passed and the issue has not
resolved, Boileau decided to release the tool on his website.
To use the tool, hackers must connect a Linux-based computer to a
Firewire port on the target machine. The machine is then tricked into
allowing the attacking computer to have read and write access to its memory.
With full access to the memory, the tool can then modify Windows'
password protection code, which is stored there, and render it ineffective.
Older desktop computers do not come equipped with Firewire ports, which
are needed for the hack to work, but many recent models do. Most laptops
made in the last few years include Firewire ports.
Paul Ducklin, head of technology for security firm Sophos, said the
security hole found by Boileau was not a vulnerability or bug in the
traditional sense, because the ability to use the Firewire port to
access a computer's memory was actually a feature of Firewire.
"If you have a Firewire port, disable it when you aren't using it,"
Ducklin said.
"That way, if someone does plug into your port unexpectedly, your side
of the Firewire link is dead, so they can't interact with your PC,
legitimately or otherwise."
Ducklin also advised people to be careful when giving others physical
access to their computer.
"I know people who'd think three times about asking passing strangers to
take their photo in front of the Opera House in case they did a runner
with the camera, yet who are much more casual with their laptop PC, as
long as it's software-locked, even though the hardware alone is worth
five times as much as the camera," he said.
Microsoft was unavailable for comment at the time of publication.
http://www.theage.com.au/news/security/hack-into-a-windows-pc-no-password-needed/2008/03/04/1204402423638.html
|
|
Posted by Sebastian G. on March 4, 2008, 6:26 pm
If you were Registered and logged in, you could reply and use other advanced thread options
The really strange thing is that every WHQL-certified FireWire driver is
explicitly required to disable this feature on startup.
|
|
Posted by SafeBoot Simon on March 4, 2008, 8:52 pm
If you were Registered and logged in, you could reply and use other advanced thread options > The really strange thing is that every WHQL-certified FireWire driver is
> explicitly required to disable this feature on startup.
Are you sure? I thought DMA access was a requirement of the Firewire
HW specification to allow a device to map into memory?
|
|
Posted by nemo_outis on March 4, 2008, 9:19 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>> The really strange thing is that every WHQL-certified FireWire driver is
>> explicitly required to disable this feature on startup.
>
> Are you sure? I thought DMA access was a requirement of the Firewire
> HW specification to allow a device to map into memory?
Yep, you've got it right.
Regards,
|
|
Posted by Sebastian G. on March 5, 2008, 7:25 am
If you were Registered and logged in, you could reply and use other advanced thread options
>> The really strange thing is that every WHQL-certified FireWire driver is
>> explicitly required to disable this feature on startup.
>
> Are you sure? I thought DMA access was a requirement of the Firewire
> HW specification to allow a device to map into memory?
DMA access and allowing DMA access to every possible memory location are two
different pairs of shoes. A third relevant pair would be bus-mastering.
|
| Similar Threads | Posted | | Hack WINDOWS XP login password | April 14, 2007, 9:02 am |
| Hack Crack Yahoo Aol Msn Hotmail Aim account password by CRACKSPIDERGROUP | July 25, 2008, 10:23 am |
| Hack/Crack Yahoo, Hotmail, aol, Gmail Password [hire2hack.net] | August 6, 2008, 3:01 pm |
| Windows Password Auditor | April 5, 2008, 8:25 am |
| windows bootup password? | October 5, 2008, 1:26 pm |
| Dell 2400 Windows password | July 22, 2007, 10:21 pm |
| NEEDED TWO hb2 ZIP DRIVES | October 7, 2005, 12:15 am |
| Router suggestions needed | May 23, 2006, 8:57 pm |
| Consultant Needed for PKI study | February 20, 2007, 7:03 am |
| Good Browser Needed for Older Computer | January 17, 2006, 7:43 am |
|
XML site map