XP Password Cracking using IEEE-1394 - Which is the tool?

[Manu Zacharia (-M-)]

Hi All,

I was listening to the TechTarget Weekly Podcast, where they were talking about a password cracking tool for Windows XP using the IEEE-1394 port. Do you have any idea about this tool. They say that its a linux based tool.

I Could find the following link.

http://freerepublic.com/focus/f-chat/1981136/posts

Any more links or info do we have?

[eth3real]

I saw this on Hackszine.com a few days ago.
http://www.hackszine.com/blog/archive/2008/03/ram_dump_over_firewire.html

It looks like the name of the tool is winlockpwn. I haven't got a chance to try it out, yet, since I have no PCs with FireWire.
Here is the link to the project site.
http://storm.net.nz/projects/16

[LSOChris]

yup thats the right link.  getting the libraries installed is straightforward but i havent been able to get it to work on ubuntu, some sort of python memory read issue.

[eth3real]

This is something I really have to try out soon.

My laptop at work has a FireWire port, but I disabled it a long time ago since I don't use it. It's time for me to dig up a cable and test some of the workstations around the office.

One could also get a PCMCIA IEE-1394 card for their laptop to try this out.

I would be curious to see if this will work with a Windows laptop running andLinux (see http://www.andlinux.org/). I will try this out some time this week.

[eth3real]

I was just curious if anybody has been able to try this out, or if this type of vulnerability is being addressed in pentests, etc., or if Microsoft has corrected this problem yet.

It has been a dead topic for a while, but I still think it shows some potential. I haven't yet been able to try it myself, though.

[LSOChris]

its regarded as a feature not a vulnerability.  there are some tutorials out there using helix to get this going and someone got it going on BT3 as well.