Physical memory access is fashion…

Posted by Matthieu Suiche on Tuesday, March 4, 2008 · Leave a Comment 

These last weeks several proof of concept were published about physical memory access.

The first one (21 February 2008) was from Princeton university who published a very buzzed proof of concept in video.. This one allows to read the physical memory in a limited time.

The second one was SandMan which is hosted by myself. This one was released 4 days later by the University of Princeton proof of concept and give read/write access to physical memory though the hibernation file.

And few hours ago, a security researcher called Adam Boileau released a tool called Winlockpwn. This last one use firewire port to get read/write access to physical memory.

There is only 2 weeks between the Princeton’s release and Adam’s one. Live forensics looks to be very fashionable…

Filed under Windows · Tagged with

About Matthieu Suiche

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

Powered by WP Hashcash