IPOD - Firewire memory dump
A few posts below I was talking about the fantastic world of physical attacks on machines and RAM dumps. I always complain about how badly my head misfires, but, from the series "the brain never stops working", with a computation time of 17 days, here is the result:

Firewire port == owned.

I read about Max Dornseif's work on doing memory forensics (and bad things) using the physical-memory-DMA feature of Firewire earlier this year. Being curious, I implemented my own stack of tools to try it out against my Linux laptop (before I knew that Max's OSX python-firewire bindings had been ported to Linux!). It worked just like Max said, and of course, because physical-memory-DMA-busmastering is the Fire in Firewire. However, despite working fine against Linux, Macs and BSD boxen, it didn't work against Windows. My colleague Tmasky set to it, and soon enough had found the miracle ingredient. Skip forward a few months, and it's now a big...