[GTALUG] DMA kernel attacks

Russell Reiter rreiter91 at gmail.com
Mon Mar 13 10:59:55 EDT 2017


On Mar 13, 2017 10:39 AM, "Lennart Sorensen via talk" <talk at gtalug.org>
wrote:

On Mon, Mar 13, 2017 at 10:33:10AM -0400, Lennart Sorensen via talk wrote:
> On Mon, Mar 13, 2017 at 10:27:35AM -0400, Lennart Sorensen via talk wrote:
> > On Sat, Mar 11, 2017 at 01:02:45PM -0500, Russell Reiter via talk wrote:
> > > Another DEFCON talk. This is a hardware attack on M$, OSX & Linux,
> > > PCIleech = 150mbs over usb3.
> > >
> > > https://www.youtube.com/watch?v=fXthwl6ShOg&list=PL9fPq3eQfaaAvXV3hJc4yHuNxoviVckoE&index=15#t=2508.995164
> >
> > Well first you have to install your PCIe card in the target machine,
> > which means you would have to shut it down first, which could make
> > booting it again difficult.
> >
> > I thought initially they found a flaw in USB3, but no that is not
> > the case.
> >
> > So it doesn't do anything we didn't already have a problem with in
> > firewire years ago.  So yes if you get to put your own PCIe hardware in
> > a machine, you can DMA memory.  And it's a bit faster than a firewire
> > card was.
> >
> > The firewire and thunderbolt issues in the past seem much more of a
> > concern than this because they were hardware already present in the
> > target machine.  This is pretty much just irrelevant.
>
> The exploit method is interesting (although nothing new), but the access
> method is not.

OK, I am wrong.  The fact he has an ExpressCard, not just PCIe, makes it
very interesting since that is hot pluggable from outside the machine.

Now I am impressed.


I was impressed too, that's why I posted the link.


--
Len Sorensen