Presentation is loading. Please wait.

Presentation is loading. Please wait.

Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we.

Published byBruno Neblett Modified over 10 years ago

Similar presentations

Presentation on theme: "Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we."— Presentation transcript:

1 Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we have received. People asking this question have shown they are not familiar with OS architecture and device drivers. The answer is that once you have compromised a device driver you are running in ring-0, the highest privilege level on a processor. From this state and depending on how your shellcode is designed, you can do anything you want.

2 Question 2 What services were running? This attack happens at the network link layer. No IP packets were required for this attack.

3 Question 3 Ill pay you $10/$100/$1000 for a live demo! REALLY?? By doing a live demo we are in essence selling you a copy of the exploit. Its not for sale.

4 Question 4 Why was it a video? For the same reason we arent doing live demos. By doing this anyone in the audience with a sniffer will then have a copy of the exploit.

5 Question 5 How did you use a 3rd party card, there are no card slots? USB?!?!?!?!?!

6 Question 6 I saw some people quote you as saying the bug is in the built-in in card and other people quote you as saying as its not, who is right? They both are. The exploit shown in the video was targeting a specific third party driver and that same vulnerability does not affect the built in card. We are, however, doing ongoing research on the built-in card as well and have shared our findings with Apple.

Download ppt "Question 1 Did you get root? We got the kernel, and from the kernel we got root. This is an often asked question and is actually the worst question we."

Similar presentations

DNS Attack Dalia Solomon. CONFIGURATION KNOPPIX SDT STD stands for security tools distribution A bootable CD with Linux OS, Linux kernel 2.4.2 STD focuses.

DNS Attack Dalia Solomon. CONFIGURATION KNOPPIX SDT STD stands for security tools distribution A bootable CD with Linux OS, Linux kernel STD focuses.
Understanding Your Laptop A scavenger hunt designed to help you get to know your new computer.

Understanding Your Laptop A scavenger hunt designed to help you get to know your new computer.
Datalink Access.

Datalink Access.
TOPIC LEARNING BTEC Level 3 Unit 28 Websites L01- All students will understand the web architecture and components which allow the internet and websites.

TOPIC LEARNING BTEC Level 3 Unit 28 Websites L01- All students will understand the web architecture and components which allow the internet and websites.
Tactics to Discover “Passive” Monitoring Devices

Tactics to Discover “Passive” Monitoring Devices
1 Address Resolution Protocol (ARP) Relates to Lab 2. This module is about the address resolution protocol.

1 Address Resolution Protocol (ARP) Relates to Lab 2. This module is about the address resolution protocol.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.

ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
Chapter 7 Protocol Software On A Conventional Processor.

Chapter 7 Protocol Software On A Conventional Processor.
What's inside a router? We have yet to consider the switching function of a router - the actual transfer of datagrams from a router's incoming links to.

What's inside a router? We have yet to consider the switching function of a router - the actual transfer of datagrams from a router's incoming links to.
Introduction to InfoSec – Recitation 12 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 12 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Instant Messaging Security Flaws By: Shadow404 Southern Poly University.

Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.

CS 153 Design of Operating Systems Spring 2015 Lecture 24: Android OS.
Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,

Reconnaissance & Enumeration Baseline, Monitor, Detect, Analyze, Respond, & Recover Hervey Allen Chris Evans Phil Regnauld September 3 – 4, 2009 Santiago,
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau (20086034) Lee Shirly (20095815) Ong Ivy (20095040)

Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.

Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Unit 2 - Hardware Computer Security.

Unit 2 - Hardware Computer Security.
By: Nora R.. Problem Suppose x and y are real numbers such that xy = 9 and x²y + xy² + x + y = 100. What is the integer value of x² + y²?

By: Nora R.. Problem Suppose x and y are real numbers such that xy = 9 and x²y + xy² + x + y = 100. What is the integer value of x² + y²?
Researchers turn USB cable into attack tool 報告人:劉旭哲.

Researchers turn USB cable into attack tool 報告人:劉旭哲.
An Introduction to UNIX Security A Presentation by Trey Evans

An Introduction to UNIX Security A Presentation by Trey Evans
Year 8AD Speaking and Listening Assessment. Learning Objectives We will: Develop our ability to assess each others work using a success criteria Become.

Year 8AD Speaking and Listening Assessment. Learning Objectives We will: Develop our ability to assess each others work using a success criteria Become.

Similar presentations

Ads by Google