| ||Thread Tools|
|28th November 2014, 10:57||#1|
Join Date: May 2002
Hard disk hacking
With this, my attack was complete. If a blackhat hacker had somehow obtained root access to a server with this drive, he could use fwtool to remotely dump the flash of the disk, modify it and flash it back. Eventually, the owner of the box will find out I am using his box for nefarious purposes and will probably re-install the system, securing the way the hacker orginally entered the machine.
With the firmware hack in place, however, the attacker could tell the hard disk to do something nefarious with the new install. He'd need to trigger that behaviour first, though, and that could be done by writing a certain magic string the firmware hack would look for to the disk. The magic string can be in any file; the attacker could for example upload a .jpeg-file with the string in it to the server. He could also request a file from the webserver with the magic string appended to the URL. That would eventually end up in the logs of the machines, triggering the exploit.
The hard disk firmware hack would then do something nefarious. For example, it could wait for the machine to read out the file /etc/shadow, where all the passwords are stored on an Unix/Linux system, and modify the contents on-the-fly to something the attacker hardcoded earlier. When the attacker would then try to log into the system with his own password, the machine would check this password against the now-modified /etc/shadow and the attacker would be free to login again.
|Thread||Thread Starter||Forum||Replies||Last Post|
|500 GB Hard Disk Drives Roundup||jmke||WebNews||0||5th May 2010 18:12|
|2 TB Hard Disk Drives: Now at 7,200 RPM||jmke||WebNews||0||12th January 2010 09:19|
|500 GB Hard Disk Drive Round-Up||jmke||WebNews||0||11th October 2008 14:47|
|160 GB Hard Disk Drive Round-Up||jmke||WebNews||0||17th July 2008 10:10|
|1TB Hard Disk Drives Roundup||jmke||WebNews||0||9th July 2008 22:52|
|Hard disk checking||Desert Eagle||Hardware/Software Problems, Bugs||2||3rd August 2005 00:19|
|A Hard Disk In A PCI Slot?||Sidney||WebNews||6||18th June 2005 21:08|
|low end hard disk wanted||Wolf2000me||Mad Bargains||0||26th March 2005 17:52|
|Hacking Windows XP: Speeding Disk Access||jmke||WebNews||0||26th October 2004 10:27|