Physical memory access is fashion…
Blogging, WindowsThese last weeks several proof of concept were published about physical memory access.
The first one (21 February 2008) was from Princeton university who published a very buzzed proof of concept in video.. This one allows to read the physical memory in a limited time.
The second one was SandMan which is hosted by myself. This one was released 4 days later by the University of Princeton proof of concept and give read/write access to physical memory though the hibernation file.
And few hours ago, a security researcher called Adam Boileau released a tool called Winlockpwn. This last one use firewire port to get read/write access to physical memory.
There is only 2 weeks between the Princeton’s release and Adam’s one. Live forensics looks to be very fashionable…
Tuesday, March 4th, 2008 at 4:11 pm and is filed under Blogging, Windows. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.