[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200609201707.k8KH7ZOY007660@turing-police.cc.vt.edu>
Date: Wed, 20 Sep 2006 13:07:35 -0400
From: Valdis.Kletnieks@...edu
To: Siim Põder <windo@...rad-teel.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: AFS - The Ultimate Sulution?
On Wed, 20 Sep 2006 17:41:04 +0300, Siim Pauder said:
> Is it possible to update BIOS memory from outside of BIOS? If so, then
> it would be possible to turn netboot off after compromising root.
Sure. It's called "reflashing the BIOS", and happens every time you upgrade
the BIOS. (Smaller changes, like config changes, merely require poking stuff
into the NVRAM). There's just 2 technical challenges to overcome:
1) Merely getting root is likely not enough, unless your operating system
already has enough kernel support for flashing the BIOS that you can do it
from userspace. If this isn't the case, you'll need to fix the kernel so
that it can do so (your choice - flash from kernelspace, or provide hooks
for userspace).
2) You may encounter some blecherousness like the code has to run in 16-bit
mode, or the image has be below the 1M address line in real memory, or some
such. If you got past issue (1) this isn't really a big problem, just a small
matter of coding.
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists