Vbootkit 2.0是一款由安全研究人员Vipin Kumar和Nitin Kumar创建的开源攻击工具,旨在利用Windows 7的设计问题,使攻击者能够在操作系统启动过程中获取完全控制权。此工具通过修改加载到系统内存中的Windows 7文件来实现对操作系统的接管。微软回应称,BitLocker和TPM技术可以在一定程度上抵御此类物理访问攻击,但这些保护措施仅限于高端版本的Windows 7。
分享一下我老师大神的人工智能教程!零基础,通俗易懂!http://blog.youkuaiyun.com/jiangjunshow
也欢迎大家转载本篇文章。分享知识,造福人民,实现我们中华民族伟大复兴!
http://www.findmysoft.com/news/Open-Source-Vbootkit-2-0-Attack-Tool-for-Windows-7/
Windows 7 Release Candidate is now out and available for public download, and so is the open source attack tool Vbootkit 2.0 created by security researchers Vipin Kumar and Nitin Kumar. The source code of the attack tool has been released under a General Public License (GPL), meaning that anyone can now use it to compromise the Windows 7 operating system.
With Vbootkit 2.0, an attacker could take full control of the OS because there is a design problem within Windows 7. According to its developers, there is no fix for this exploit simply because it is a design issue (as mentioned before). The upside is that the exploit only works if the attacker has physical access to the targeted machine – the exploit cannot be used remotely.
“It hooks the basic hard disk reading mechanism, the INT 13h method, then waits for read requests. When it finds a known signature, it patches the file in memory and the process continues till we reach the kernel,” explained Vipin Kumar for eWeek. In layman’s terms, Vbootkit 2.0 takes control of the Windows 7 OS when the operating process boots up by “making changes to Windows 7 files that are loaded into the system memory during the boot process”.
Microsoft has responded with the following statement: “If one has this kind of unrestricted access, one can do many things to compromise the system. BitLocker, in addition to data encryption, can also help protect against physical-access attacks with its secure-boot technology. The feature uses a Trusted Platform Module (TPM 1.2) to help ensure that a PC running Windows 7 has not been tampered with while the system was offline.”
That may be true, but the thing is that TPM and BitLocker are only available on high-end versions of Windows 7, mainly Windows 7 Enterprise and Windows 7 Ultimate.
If you would like to get the Vbootkit 2.0 source code, a download location is available here.
给我老师的人工智能教程打call!http://blog.youkuaiyun.com/jiangjunshow
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
