Matthieu Suiche’s blog !

Physical memory access is fashion…

by Matthieu Suiche on Mar.04, 2008, under Windows

These last weeks several proof of concept were published about physical memory access.

The first one (21 February 2008) was from Princeton university who published a very buzzed proof of concept in video.. This one allows to read the physical memory in a limited time.

The second one was SandMan which is hosted by myself. This one was released 4 days later by the University of Princeton proof of concept and give read/write access to physical memory though the hibernation file.

And few hours ago, a security researcher called Adam Boileau released a tool called Winlockpwn. This last one use firewire port to get read/write access to physical memory.

There is only 2 weeks between the Princeton’s release and Adam’s one. Live forensics looks to be very fashionable…

No comments for this entry yet...

Leave a Reply

Powered by WP Hashcash

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...

Archives

All entries, chronologically...