We security folks often feel like we are regurgitating the same type of security issues over and over again, just in new contexts. So depending on how you look at it, this is “old new” or “new old” news. Nevertheless, I thought it would be a good idea to take it down from speculation to…
Posts Tagged: winlockpwn
Fire through the wire
Update: FTWAutopwn is now named Inception. I’ve created a standalone page for the tool here; please refer to that page for updates on the tool. For the last few days I’ve been working on an alternative to winlockpwn (unlocking locked Windows boxes through FireWire SBP2 DMA) using libforensic1394. Now I’ve released an alpha version of the tool, Fire…
Download winlockpwn
Update: I’ve coded a replacement for winlockpwn (Inception) and released the tool here. In case someone is looking for the winlockpwn source code, it is available for download here, complete with signatures for Windows 7.
Alternative to winlockpwn: libforensic1394
A couple of days after demonstrating winlockpwn I came across libforensic1394, a full C library with full Python bindings for leveraging the SBP2 FireWire (IEEE 1394) DMA feature to perform memory dumps and live patching of physical memory. It works like a charm, and it is much more stable than the old winlockpwn hack. This is…
winlockpwn on Ubuntu
Update: I’ve released a tool on GitHub called Inception, which uses libforensic1394 to unlock Windows XP, Vista and Windows 7 boxes. IMNSHO, it is much more stable than winlockpwn, easier to use and works against a wider spectrum of target operating systems. Quite regularly I’m asked to demonstrate the FireWire attack made by MetlStorm aka…