Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Tim <tim-security@xxxxxxxxxxxxxxxxxxx>
- Date: Thu, 6 Mar 2008 12:20:28 -0800
that it thought needed DMA. This is why Metlstorm had to make his Linux...Windows would not do this. It would only open up access to devices
machine behave like an iPod to fool Windows into spreading it's legs.
So the iPod software opens up the whole address space? I don't get it.
No, the iPod device signature makes Windows drivers think it should
allow DMA access for that device because it detect it as a disk device.
Other disk device signatures would likely work the same way, that's just
the one he happened to emulate.
tim
- Follow-Ups:
- RE: [Full-disclosure] Firewire Attack on Windows Vista
- From: Larry Seltzer
- RE: [Full-disclosure] Firewire Attack on Windows Vista
- References:
- Firewire Attack on Windows Vista
- From: Bernhard Mueller
- RE: Firewire Attack on Windows Vista
- From: Roger A. Grimes
- Re: Firewire Attack on Windows Vista
- From: Peter Watkins
- RE: Firewire Attack on Windows Vista
- From: Larry Seltzer
- Re: [Full-disclosure] Firewire Attack on Windows Vista
- From: Tim
- RE: [Full-disclosure] Firewire Attack on Windows Vista
- From: Larry Seltzer
- Firewire Attack on Windows Vista
- Prev by Date: Re: [Full-disclosure] Firewire Attack on Windows Vista
- Next by Date: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Previous by thread: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Next by thread: RE: [Full-disclosure] Firewire Attack on Windows Vista
- Index(es):
