zlacker

[return to "Can you get root with only a cigarette lighter?"]
1. i4k+en 2024-10-07 15:45:18
>>1317+(OP)
This was very well written and an amazing challenge, but my brain is wired to that "hacking common sense" that if you have physical access then it's already over... The first thing that came to my mind was that, if you have physical access, then you can reflash the BIOS, install a driver backdoor, or boot a live OS, and then it's just a matter of tampering with /etc/{passwd,shadow,groups, etc} ...

But I remembered that most of the physical access hacks would not be possible if the disk is encrypted, which then makes this kind of hack enormously attractive.

The antenna idea can be extended to be a piece of hardware with the interference device built in (piezo or whatever), which communicates with the external world over any wireless medium so that the attacker can trigger the interference remotely. This, plus a website controlled by the hacker which the victim is scammed into visiting, can be enough to make it viable.

2. ruslan+vs1 2024-10-07 21:36:55
>>i4k+en
AFAIC, reflashing the BIOS won't give you anything; you need to sign it first with the proper private key, which is checked by the CPU hardware before execution begins. This EMI trick fools the CPU itself and I cannot see how it can be fixed, unless a new paging algorithm is invented.

3. i4k+cP1 2024-10-08 00:50:54
>>ruslan+vs1
It depends on the target hardware.

- https://github.com/binarly-io/SupplyChainAttacks/tree/main/M...

- https://github.com/binarly-io/SupplyChainAttacks/tree/main/L...

- https://github.com/binarly-io/SupplyChainAttacks/tree/main/P...
