Physical memory access is in fashion…
Over the last few weeks, several proofs of concept for physical memory access have been published.
The first one (21 February 2008) came from Princeton University, which published a much-buzzed-about proof of concept on video. This one allows reading the physical memory within a limited time.
The second one was SandMan, which is hosted by myself. It was released 4 days after the Princeton University proof of concept and gives read/write access to physical memory through the hibernation file.
And a few hours ago, a security researcher called Adam Boileau released a tool called Winlockpwn. This last one uses the FireWire port to get read/write access to physical memory.
There are only 2 weeks between Princeton's release and Adam's. Live forensics looks to be very fashionable…