Dailydave mailing list archives
Re: Whitepaper: Implementing and Detecting a PCI Rootkit
From: Chris Wysopal <weld () vulnwatch org>
Date: Thu, 16 Nov 2006 15:30:01 -0500 (EST)
On Thu, 16 Nov 2006, Dave Aitel wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 That's really cool. One thing Immunity has been investigating is selling a literal hardware PCI card that you can install into someone's machine which then infects their system and injects a callback shellcode. That way if you break into someone's office, you can throw these PCI cards into a few desktops and then leave, and you'll get MOSDEF shells at home every day! Nothing to analyze on disk either. :>
This is kind of the opposite of the Tribble project that was started at @stake. The idea of Tribble is a PCI card for hardware based forensics. http://www.grandideastudio.com/portfolio/index.php?id=1&prod=14 -Chris _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Whitepaper: Implementing and Detecting a PCI Rootkit John Heasman (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dan Moniz (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Korn (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Peter Winter-Smith (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Paul Wouters (Nov 16)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Chris Wysopal (Nov 17)
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit Dave Aitel (Nov 16)
- <Possible follow-ups>
- Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 17)