Firewire vulnerability applicable on FreeBSD?
Christian Brueffer
brueffer at FreeBSD.org
Sun Mar 23 15:17:42 UTC 2008
On Sat, Mar 22, 2008 at 07:12:09PM +0100, Jeremie Le Hen wrote:
> Hi there,
>
> I've stumbled on this article. I wonder if this is applicable to
> FreeBSD. Would it still be possible to exploit it without a firewire
> driver?
>
> http://www.dailytech.com/Lock+Your+Workstations+Or+Not+New+Tool+Bypasses+Windows+Logon/article10972.htm
>
> « The tool is a simple, 200-line script written in the Python
> programming language exploits features built into Firewire that allow
> direct access to a computer's memory. By targeting specific places that
> Windows consistently stores its vital authentication functions,
> Boileau's tool is able to overwrite Windows' secured code with patches
> that skip Windows' password check entirely. »
>
It is, and FreeBSD was used in a proof of concept for reading passwords
via FireWire some years ago (see http://md.hudora.de/presentations/ for
sample Python code). In CURRENT and RELENG_7, there's a tunable to
disable physical access (see fwohci(4)); it should probably be ported back
to RELENG_6.
- Christian
--
Christian Brueffer chris at unixpages.org brueffer at FreeBSD.org
GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
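
An added example, not part of the original message or of FreeBSD's own code: a shell check that reports whether a loader.conf-style file turns off the physical-access tunable mentioned above. The tunable name `hw.firewire.phydma_enable` is taken from fwohci(4), not from the post; the function name and the sample file are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example. Tunable name as documented in fwohci(4); it does not
# appear in the mailing-list post itself.
TUNABLE="hw.firewire.phydma_enable"

# phydma_state FILE -> prints "disabled", "enabled" or "unset".
# The file is read top to bottom, so the last assignment wins.
# "unset" means the file says nothing and the driver default applies.
phydma_state() {
    awk -v key="$TUNABLE" '
        { sub(/#.*/, "") }              # drop comments
        {
            n = index($0, "=")
            if (n == 0) next            # not an assignment
            k = substr($0, 1, n - 1)
            v = substr($0, n + 1)
            gsub(/[ \t]/, "", k)        # trim whitespace around the key
            gsub(/[ \t"]/, "", v)       # trim whitespace and quotes
            if (k == key) state = (v == "0") ? "disabled" : "enabled"
        }
        END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# Constructed sample input, not taken from any real system.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /boot/loader.conf (constructed)
autoboot_delay="3"
hw.firewire.phydma_enable="1"   # earlier value, overridden below
hw.firewire.phydma_enable="0"
EOF
echo "$TUNABLE: $(phydma_state "$sample")"
rm -f "$sample"
```

On a real host the function would be pointed at /boot/loader.conf; a result of "unset" or "enabled" means FireWire physical DMA has not been turned off by that file.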