Bugtraq mailing list archives

Breaking in from the monitor at the console

From: an100188 () anon penet fi (an100188 () anon penet fi)
Date: Fri, 27 May 1994 15:34:36 UTC


Breaking into a machine, typically a workstation, by using the monitor
at the console to poke values into memory has always been possible.  I
didn't realize how simple and unobtrusive it was before I saw this
script.  This one is for Suns, but the principle applies to any
machine with a console monitor.  On Sun4s there is some sort of
"secure mode" that I presume lets you disable the monitor.  It is
possible to change the L1-A sequence to another pair of keys, but if
you own /dev/console you can change it back.  This obscurity may or
may not be useful.
 
This particular attack needs a way to run the script on the machine,
typically in a shell.  I presume there are other spots where you could
tickle a machine that don't even require that.  Physically secure
consoles prevent this attack.
 
Sigh.

Current thread:

Breaking in from the monitor at the console an100188 () anon penet fi (May 27)
- <Possible follow-ups>
- Re: Breaking in from the monitor at the console an100188 () anon penet fi (May 28)
  - Re: Breaking in from the monitor at the console Bonfield James (May 31)
  - More PROM password problems Bonfield James (May 31)
- Re: Breaking in from the monitor at the console George Hodson (May 30)
  - Re: Breaking in from the monitor at the console John C. Orthoefer (May 31)
  - Re: Breaking in from the monitor at the console Matthew Jude Brown (May 31)
- Re: Breaking in from the monitor at the console Bruce Barnett (May 31)
- Re: Breaking in from the monitor at the console Casper Dik (May 31)
- Re: Re: Breaking in from the monitor at the console Pete Hartman (May 31)