"Firewire is more than just a port for data transfer. In the hands of hackers, Firewire can be a deadly weapon. One of them able to break windows logon system".
Utilizing small features contained in fire wire, Adam boileau released the source code that makes anyone can break the windows authentication dialog box on any PC with a Firewire port. This tool is very simple, 200 line script written using the python programming language is useful to take advantage of the features embedded in Firewire port that makes a direct access to the computer memory.
By targeting the vital functions which normally keep the windows authentication system, the tool can save bolieau's security code with a few patches that can pass inspection access password windows.
Bolieau released this script the first time in 2006 and is now ready bolieau released to the public because he thought microsoft did not provide a patch to secure the windows logon authentication system. Bolieau also said that he never saw a script that can open a checking system password of windows vista using the PCMCIA port on the laptop to incorporate a Firewire card and then attack the target laptop after installing the automatic windows Firewire card drivers.
It is important to know that the function is more than just Firewire data transfer, especially Firewire has direct access to direct memory access (DMA). Also worth noting that the techniques described scripts can be used on other operating system, including the mac OS X and Linux, and even some hackers are able to modify the ipod to run attack Firewire DMA.
No comments:
Post a Comment