Open Source Vbootkit 2.0 Attack Tool for Windows 7
2009-11-10 21:17
http://www.findmysoft.com/news/Open-Source-Vbootkit-2-0-Attack-Tool-for-Windows-7/
Windows 7 Release Candidate is now out and available for public download, and so is the open source attack tool Vbootkit 2.0 created by security researchers Vipin Kumar and Nitin Kumar. The source code of the attack tool has been released under a General Public License (GPL), meaning that anyone can now use it to compromise the Windows 7 operating system.
With Vbootkit 2.0, an attacker could take full control of the OS because there is a design problem within Windows 7. According to its developers, there is no fix for this exploit precisely because it is a design issue. The upside is that the exploit only works if the attacker has physical access to the targeted machine – the exploit cannot be used remotely.
“It hooks the basic hard disk reading mechanism, the INT 13h method, then waits for read requests. When it finds a known signature, it patches the file in memory and the process continues till we reach the kernel,” Vipin Kumar explained to eWeek. In layman’s terms, Vbootkit 2.0 takes control of the Windows 7 OS as the operating system boots up by “making changes to Windows 7 files that are loaded into the system memory during the boot process”.
Microsoft has responded with the following statement: “If one has this kind of unrestricted access, one can do many things to compromise the system. BitLocker, in addition to data encryption, can also help protect against physical-access attacks with its secure-boot technology. The feature uses a Trusted Platform Module (TPM 1.2) to help ensure that a PC running Windows 7 has not been tampered with while the system was offline.”
That may be true, but TPM and BitLocker are only available on high-end versions of Windows 7, mainly Windows 7 Enterprise and Windows 7 Ultimate.
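The TPM check in Microsoft's statement rests on measured boot: each boot stage is hashed into a Platform Configuration Register (PCR) before it runs, and the disk key is released only if the resulting value matches the one it was sealed to. The Python example below is an added illustration, not code from the article, Microsoft or the Vbootkit authors; the stage names, images and key are constructed, and `SealedKey` is a hypothetical simplified model of TPM sealing.

```python
import hashlib
import hmac

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend operation: PCR_new = SHA1(PCR_old || SHA1(component))."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure_boot_chain(stages) -> bytes:
    """Hash every boot stage into one PCR, in boot order, starting from zeros."""
    pcr = bytes(PCR_SIZE)
    for _name, image in stages:
        pcr = extend(pcr, image)
    return pcr

class SealedKey:
    """Assumed model of a disk key sealed to a PCR value (a real TPM checks this internally)."""

    def __init__(self, key: bytes, expected_pcr: bytes):
        self._key = key
        self._expected_pcr = expected_pcr

    def unseal(self, current_pcr: bytes):
        # The key is released only when the measured state matches the sealed state.
        if hmac.compare_digest(current_pcr, self._expected_pcr):
            return self._key
        return None

# Constructed sample data: stand-ins for boot-stage images and a volume key.
CLEAN_CHAIN = [
    ("boot sector", b"constructed boot sector image"),
    ("boot manager", b"constructed boot manager image"),
    ("os loader", b"constructed OS loader image"),
]
# Same chain with the first stage altered while the machine was offline.
TAMPERED_CHAIN = [("boot sector", b"constructed boot sector image, altered")] + CLEAN_CHAIN[1:]
VOLUME_KEY = b"constructed-volume-key"

def demo():
    """Seal against the clean chain, then try to unseal after a clean and a tampered boot."""
    sealed = SealedKey(VOLUME_KEY, measure_boot_chain(CLEAN_CHAIN))
    return (sealed.unseal(measure_boot_chain(CLEAN_CHAIN)),
            sealed.unseal(measure_boot_chain(TAMPERED_CHAIN)))

if __name__ == "__main__":
    clean, tampered = demo()
    print("clean boot unseals key:", clean is not None)
    print("tampered boot unseals key:", tampered is not None)
```

Because a PCR can only be extended, never written directly, a later stage cannot restore the expected value once an earlier stage has measured differently.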
If you would like to get the Vbootkit 2.0 source code, a download location is available here.