Author Topic: Man in the middle attack  (Read 10346 times)


Offline para

  • Senior Member
  • Veteran.
  • *****
  • Posts: 181
Man in the middle attack
« on: March 28, 2005, 12:01:58 am »
Hi,
yet another approach...

What about having something like a mod chip (in this case a microcontroller) which is plugged between the HDD and the IDE interface of the PB. If hdparm requests the drive's information like ID, serial no. etc. it just intercepts that transfer and returns a pre-defined (programmable) value. Voila!

Para

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: Man in the middle attack
« Reply #1 on: March 28, 2005, 12:21:51 am »
I think an IDE analyzer might get us all the info we need to figure it out, which is a lot like a man in the middle attack.. only we shouldn't have to mod the box to do it.. just crack the protection scheme by getting at the private key somehow (if it's stored on the drive we can get it.)

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: Man in the middle attack
« Reply #2 on: March 28, 2005, 12:23:27 am »
Although I think the private key would be more likely placed in the boot5.pac or someplace like that, loaded into flash memory and used during start up. :(

That's still not impossible to get at.. we just need someone who's good at removing surface mount chips and getting them into a chip reader so we can grab the decrypted boot flash.

Offline para

  • Senior Member
  • Veteran.
  • *****
  • Posts: 181
Re: Man in the middle attack
« Reply #3 on: March 28, 2005, 08:38:30 am »
The assumption for this has been that there's no way of getting the private key. That would mean leaving the DMS lock as it is but fooling the system with faked data... Of course this is only meant as a last resort, but if someone in here has some capabilities in that field of expertise, why not explore it...

Para
« Last Edit: March 28, 2005, 08:39:44 am by para »

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: Man in the middle attack
« Reply #4 on: March 28, 2005, 02:32:52 pm »
After last night I THINK we might be able to download the flash without taking chips off the board...