|
Dailydave
mailing list archives
Re: Whitepaper: Implementing and Detecting a PCI Rootkit
From: Chris Wysopal <weld () vulnwatch org>
Date: Thu, 16 Nov 2006 15:30:01 -0500 (EST)
On Thu, 16 Nov 2006, Dave Aitel wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That's really cool. One thing Immunity has been investigating is
selling a literal hardware PCI card that you can install into
someone's machine which then infects their system and injects a
callback shellcode. That way if you break into someone's office, you
can throw these PCI cards into a few desktops and then leave, and
you'll get MOSDEF shells at home every day! Nothing to analyze on disk
either. :>
This is kind of the opposite of the Tribble project that was started at
@stake. The idea of Tribble is a PCI card for hardware based forensics.
http://www.grandideastudio.com/portfolio/index.php?id=1&prod=14
-Chris
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
 By Date 
By Thread
Current thread:
Re: Whitepaper: Implementing and Detecting a PCI Rootkit sinan . eren (Nov 17)
| 
Intro
