Vulnerability Development mailing list archives
Re: Modern hw-killing virus feasible
From: Gregor Binder <gbinder () sysfive com>
Date: Fri, 9 Mar 2001 10:25:01 +0100
Crist Clark on Thu, Mar 08, 2001 at 11:13:35AM -0800: Crist,
And you have effectively put that box out of commision until someone crack open the case and replaces the EEPROM chip. Upon reboot, the system will demand the EEPROM password before booting. If the administrator of the machine does not have it, she can't get a boot prompt. And since the machine will not boot into single- or multi-user mode, having the root password or alternate boot media is no help.
IIRC you'd have to either power off the box for it to ask for a NVRAM password (shutdown -g0 -i5 -y), or set auto-boot? to false, or set boot-device to something that wont boot the box. A warm reboot will not be enough. To make this harder to exploit, you could remove the eeprom driver.
Sun hardware is designed so the EEPROM can be replaced (at least that's what the docs say and Sun techs/engineers have told me), but this is a serious and potentially expensive PITA. And it's so-o easy.
There is a highly unsupported way of unsetting the NVRAM password, which involves unplugging the NVRAM with power to the machine. A new NVRAM chip will be less than $50, and it is mounted in a socket. Regards, Gregor. -- Gregor Binder <gregor.binder () sysfive com> http://sysfive.com/~gbinder/ sysfive.com GmbH UNIX. Networking. Security. Applications. PGP id: 0x20C6DA55 fp: 18AB 2DD0 F8FA D710 1EDC A97A B128 01C0 20C6 DA55
Current thread:
- Modern hw-killing virus feasible Pavel Machek (Mar 06)
- Re: Modern hw-killing virus feasible Robert Collins (Mar 06)
- Re: Modern hw-killing virus feasible Bart (Mar 06)
- Re: Modern hw-killing virus feasible Ma Gores (Mar 06)
- Re: Modern hw-killing virus feasible fejed (Mar 07)
- Re: Modern hw-killing virus feasible Mike A. Harris (Mar 07)
- Re: Modern hw-killing virus feasible A T (Mar 07)
- Re: Modern hw-killing virus feasible Juan M. Courcoul (Mar 08)
- Re: Modern hw-killing virus feasible Syzop (Mar 08)
- Re: Modern hw-killing virus feasible Crist Clark (Mar 08)
- Re: Modern hw-killing virus feasible Gregor Binder (Mar 09)
- Re: Modern hw-killing virus feasible Ma Gores (Mar 06)
- Re: Modern hw-killing virus feasible Daniel Newby (Mar 09)
- Re: Modern hw-killing virus feasible Blue Boar (Mar 07)
- Re: Modern hw-killing virus feasible Lincoln Yeoh (Mar 08)
- Re: Modern hw-killing virus feasible Vitaly McLain (Mar 08)
- Re: Modern hw-killing virus feasible Blue Boar (Mar 08)
- Re: Modern hw-killing virus feasible Vortex (Mar 25)
- Re: Modern hw-killing virus feasible Jonathan James (Mar 25)
- Re: Modern hw-killing virus feasible fejed (Mar 08)