- BY deepak
- POSTED IN Geekie, IT admin, IT Security
- WITH 0 COMMENTS
- PERMALINK
- STANDARD POST TYPE
A very interesting article on exploiting NIC for running arbitrary code (hacking).
Presentation entitled “Can you still trust your network card?”. Explains how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (NICs). The attack uses routable packets delivered to the victim’s NIC. Consequently, multiple attacks can be conducted including: Man in The Middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim’s computer host platform.
The presentation included a description of the flaw as well as a demo of the exploitation possibilities. The tools used for the demo, as well as the proof of concept code were not released during the conference, and will never be.
More details here – http://www.ssi.gouv.fr/site_article185.html
Peace
Deepak Lalan