|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] Whitepaper: Implementing and Detecting a PCI Rootkit
From: Paul Wouters (paul
xelerance.com)
Date: Thu Nov 16 2006 - 13:16:25 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 16 Nov 2006, Dave Aitel wrote:
> That's really cool. One thing Immunity has been investigating is
> selling a literal hardware PCI card that you can install into
> someone's machine which then infects their system and injects a
on xen0 do:
modprobe pciback hide='(0000:00:1d.0)'
echo '0000:00:1d.0' > /sys/bus/pci/drivers/pciback/new_slot
echo '0000:00:1d.0' > /sys/bus/pci/drivers/pciback/bind
and add to xenu.conf:
pci = ['00,1d,0']
hardware is overrated :)
Paul <-- always running a hypervisor cause of evil like Joanna
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]