Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Firewire Attack on Windows Vista

From: FD <fd () cms ac>
Date: Mon, 10 Mar 2008 19:50:28 +0100
How much should the average user worry about this? Not very much. Most
notebooks from average users don't even have Firewire on them and you
would have an easier time cracking them with a dictionary attack on
the password and other such things, which means that this attack
makes you no more vulnerable to compromise if you've already granted
physical access than you were before.


you don't need a firewire port on your laptop, a pcmcia slot is enough
where an attacker inserts a firewire card. but still.. it's a physical
access attack..

regarding your other email:


OK, I guess I misunderstood the original paper
(http://www.sec-consult.com/fileadmin/Whitepapers/Vista_Physical_Attacks
.pdf). It now looks to me like they are claiming they can disable
password authentication *even while the system is not logged on* - do
I have that right?


yes, if the system is off and you can turn it on (e.g. no bios or hdd
encryption passwords) you can bypass the logon screen. this is because
the tool searches for the function "MsvpPasswordValidate" in memory and
patches it to allow any password.

FD


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: