论文信息 - Using a software exploit to image RAM on an embedded system

Using a software exploit to image RAM on an embedded system

The research in this paper is the result of a court case involving copyright infringement, specifically, a request for expert evidence regarding the proportion of copyrighted data present in the RAM of a games console. This paper presents a novel method to image the memory of an embedded device (a games console) where normal software and hardware memory imaging techniques are not possible. The paper describes how a buffer overflow exploit can be used in order to execute custom code written to create an image of the console's memory. While this work is concerned with the Microsoft Xbox, the principles of vulnerability enabled data acquisition could be extended to other embedded devices, including other consoles, smart phones and PDAs.

Christopher James Hargreaves | Joseph R. Rabaiotti

[1] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .

[2] Andrew bunnie Huang. Hacking the Xbox , 2003 .

[3] Chris Vaughan. Xbox security issues and forensic recovery methodology (utilising Linux) , 2004, Digit. Investig..

[4] Michael Steil,et al. Mistakes Microsoft Made in the Xbox Security System , 2022 .

[5] Paul Burke,et al. Xbox Forensics , 2006, J. Digit. Forensic Pract..

[6] Joe Grand,et al. A hardware-based memory acquisition procedure for digital investigations , 2004, Digit. Investig..

[7] Ariel J. Feldman,et al. Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[8] Gary C. Kessler. Book Review: Mac OS X, iPod, and iPhone Forensic Analysis DVD Toolkit , 2008, J. Digit. Forensics Secur. Law.