[Dailydave] Whitepaper: Implementing and Detecting a PCI Rootkit
Paul Wouters
paul at xelerance.com
Thu Nov 16 19:16:25 Local tim 2006
On Thu, 16 Nov 2006, Dave Aitel wrote:
> That's really cool. One thing Immunity has been investigating is
> selling a literal hardware PCI card that you can install into
> someone's machine which then infects their system and injects a
on xen0 do:
modprobe pciback hide='(0000:00:1d.0)'
echo '0000:00:1d.0' > /sys/bus/pci/drivers/pciback/new_slot
echo '0000:00:1d.0' > /sys/bus/pci/drivers/pciback/bind
and add to xenu.conf:
pci = ['00,1d,0']
hardware is overrated :)
Paul <-- always running a hypervisor cause of evil like Joanna
More information about the Dailydave
mailing list