Code dive You can remotely commandeer and control computers that use vulnerable Intel chipsets by sending them empty authentication strings.You read that right. When you’re expected to send a password hash, you send zero bytes. Nothing. Nada. And you’ll be rewarded with powerful low-level access to a vulnerable box’s hardware from across the network or across the internet if the management interface faces the public web.Remember that the next time Intel, a $180bn international semiconductor giant, talks about how important it treats security.To recap: Intel provides a remote management toolkit called AMT for its business and enterprise-friendly processors; this software is part of Chipzilla’s vPro suite and runs at the firmware level, below and out of sight of Windows, Linux, or whatever operating system you’re using. The code runs on Intel’s Management Engine, a tiny secret computer within your computer that has full control of the hardware and talks directly to the network port, allowing a device to be remotely controlled regardless of whatever OS and applications are running, or not, above it.
Gratis är gott: KeyClu – håll reda på alla genvägar i ett program
KeyClu - ger dig enkel och smidig översikt över alla genvägar för alla applikationer. Lätt att använda: tryck bara på ⌘ två...
0 kommentarer