|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Firewire Attack on Windows Vista
From: Tim (tim-security
sentinelchicken.org)
Date: Thu Mar 06 2008 - 14:20:28 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> >>...Windows would not do this. It would only open up access to devices
> that it thought needed DMA. This is why Metlstorm had to make his Linux
> machine behave like an iPod to fool Windows into spreading it's legs.
>
> So the iPod software opens up the whole address space? I don't get it.
No, the iPod device signature makes Windows drivers think it should
allow DMA access for that device because it detect it as a disk device.
Other disk device signatures would likely work the same way, that's just
the one he happened to emulate.
tim
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]