Dailydave mailing list archives
Re: Whitepaper: Implementing and Detecting a PCI Rootkit
From: "Dave Korn" <dave.korn () artimi com>
Date: Thu, 16 Nov 2006 19:10:42 -0000
On 16 November 2006 18:25, Dave Aitel wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 That's really cool. One thing Immunity has been investigating is selling a literal hardware PCI card that you can install into someone's machine which then infects their system and injects a callback shellcode.
Does this really have a lot of advantages over just plugging a U3 drive into a less-frequently used usb port round the back of the machine somewhere?
That way if you break into someone's office, you can throw these PCI cards into a few desktops and then leave, and you'll get MOSDEF shells at home every day! Nothing to analyze on disk either. :>
Wow, no forensics... except of course for your fingerprints and DNA all over the *physical* evidence you left at the scene of crime. Not really sure you're better off that way, I'd rather leave digits behind than anything else. cheers, DaveK -- Can't think of a witty .sigline today.... _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Whitepaper: Implementing and Detecting a PCI Rootkit John Heasman (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dan Moniz (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Korn (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Peter Winter-Smith (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Paul Wouters (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Chris Wysopal (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- <Possible follow-ups>
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 17)