.

USB & DMA?

<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Wed Feb 18, 2009 11:27 pm

USB & DMA?

It has been known for a while that firewire allows direct memory access (DMA) which allows you to
  • read arbitrary RAM contents from the victim's system,
  • overwrite arbitrary RAM contents with whatever you want,
  • and perform many, many severe attacks based on the two issues above. Examples include grabbing a full RAM dump via Firewire (takes only a few minutes), grabbing ssh-agent keys, grabbing screen contents, modifying screen contents, bypassing login/password screens, and many, many more...
http://www.hermann-uwe.de/blog/physical ... mitigation


This also includes unlocking a locked windows machine.

I was a a DefCon group meeting and one of the guys told me there was a similar attack for unlocking a windows machine but with a USB stick. He was pretty adamant, but I don't think it is possible since I don't believe there is DMA with USB. Can someone shed some light on the subject. I am not talking about AutoRun.
Last edited by timmedin on Wed Feb 18, 2009 11:29 pm, edited 1 time in total.
twitter.com/timmedin | http://blog.securitywhole.com
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Tue Mar 03, 2009 6:27 pm

Re: USB & DMA?

... I take that as me being right  ;D
twitter.com/timmedin | http://blog.securitywhole.com
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Tue Mar 03, 2009 10:07 pm

Re: USB & DMA?

The way I understand it is that USB does indeed use DMA, bypassing the CPU and thus enable decent transfer speeds.  When I did research on this, people are saying that Firewire is a BUS, while USB is a PORT.  While both use DMA, Firewire is more unrestricted.  When Microsoft implemented Firewire, they assumed that it was going to be running very fast things like hard drives.  Interestingly enough, people are saying that the DMA works on eSATA as well. 

I am not sure if any of this is true, but that's what I found while researching this topic.
~~~~~~~~~~~~~~
Ketchup
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Sat Jun 13, 2009 11:40 am

Re: USB & DMA?

Hi Ketchup,
recently I am very interested in this kind of attacks for various reasons. Unfortunately I haven't find any reliable sources about USB and DMA or similar. Would you mind to supply me with the sources you have found?
I would be really interested in this.
<<

Ketchup

User avatar

Hero Member
Hero Member

Posts: 1021

Joined: Fri Jul 04, 2008 7:44 pm

Location: Philadelphia, PA

Post Sat Jun 13, 2009 5:26 pm

Re: USB & DMA?

I think that logically it should work, but I was never able to get it to work or find anyone else that has.  I think it's a matter of how Firewire vs USB are implemented in Windows. 
~~~~~~~~~~~~~~
Ketchup

Return to Hardware

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software