论文信息 - Targeting Physically Addressable Memory

Targeting Physically Addressable Memory

This paper introduces new advances in gaining unauthorised access to a computer by accessing its physical memory via various means. We will show a unified approach for using IEEE1394, also known as firewire, file descriptors and other methods to read from and write into a victim's memory. Thereafter we will show the power of this ability in several example attacks: stealing private SSH keys, and injecting arbitrary code in order to obtain interactive access with administrator privileges on the victim's computer. These advances are based on data structures that are required by the CPU to provide virtual address spaces for each process running on the system. These data structures are searched and parsed in order to reassemble pages scattered in physical memory, thus being able to read and write in each processes virtual address space. The attacks introduced in this paper are adaptable to all kinds of operating system and hardware combinations. As a sample target, we have chosen Linux on an IA-32 system with the kernel-options CONFIG_NOHIGH MEM or CONFIG_HIGHMEM4G , CONFIG_VMSPLIT_3G and CONFIG_PAGE_OFFSET= 0xC0000000 .

Lexi Pimenidis | David R. Piegdon

[1] Ming Li,et al. An Introduction to Kolmogorov Complexity and Its Applications , 2019, Texts in Computer Science.

[2] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .

[3] Bin Ma,et al. The similarity metric , 2001, IEEE Transactions on Information Theory.

[4] Paul M. B. Vitányi,et al. Clustering by compression , 2003, IEEE Transactions on Information Theory.

[5] John Viega,et al. Network Security with OpenSSL , 2002 .

[6] William I. Gasarch,et al. Book Review: An introduction to Kolmogorov Complexity and its Applications Second Edition, 1997 by Ming Li and Paul Vitanyi (Springer (Graduate Text Series)) , 1997, SIGACT News.

[7] Stephanie Wehner,et al. Analyzing worms and network traffic using compression , 2005, J. Comput. Secur..

[8] Adi Shamir,et al. Playing "Hide and Seek" with Stored Keys , 1999, Financial Cryptography.

[9] Don Anderson. FireWire System Architecture: IEEE 1394A , 1998 .

[10] Otto Spaniol,et al. Sicherheit in Kommunikationsnetzen - Skript zur Vorlesung an der RWTH-Aachen , 2000, Aachener Beiträge zur Informatik.