Matthieu Suiche's blog

Archive for August 6th, 2008

SMM Rootkit limitations. (and how to defeat it :-))

August - 6 - 2008

Posted by Matthieu Suiche

Comments Off

Today (I mean meanwhile :-)) at Blackhat US 2008, Shawn Embleton and Sherri Sparks presented their research concerning the CleanHatConsulting SMM Rootkit. * The first and main limitation concerns the D_LCK bit. BIOS Vendors enables this bit for some years (maybe like 2/3 years), few times after Loic Duflot first lecture. It means that “new [ Read More ]

READ FULL POST

Twitter Updates

New commands in WinDbg 6.2.8102.0 http://t.co/Q91NXKLF # 2011/10/02

RT @joshuamsmith_: MoonSols DumpIt released free of charge. (dd for windows, great for forensics) very cool, thx to @MoonSols http://t.c ... # 2011/08/13

"Interesting Malware Trick" using MoonSols DumpIt http://t.co/ljlGpQJ # 2011/08/13

Remember 5-days private training are also available if you want to learn more. See http://bit.ly/l4RAxc for more information. #BlackHat # 2011/08/01

Second round of training about Advanced Physical Memory Acquisition and Analysis starting today ! #BlackHat #LasVegas # 2011/08/01

Happiness only real when shared.

Archive for August 6th, 2008

SMM Rootkit limitations. (and how to defeat it :-))

Twitter Updates

Featured Video

Sponsors

Keep connected

Recent Posts

Categories

Archives