finish bmc attack

midas 2025-01-23 17:31:12 +01:00
parent 07eddeb04f
commit 9854652f15

@ -196,6 +196,9 @@ in this post we are going to do a threat modelling exercise:<br><br>
<h2><b>BMC Exploitation</b></h2>
<h3>Attack</h3>
A malicious firmware update is deployed to the Baseboard Management Controller (BMC), providing stealthy persistent access and enabling future compromise of the OS or hypervisor.
<h3>Countermeasures</h3>
This attack has the same issue as the previous one and could be deployed during a schedule maintenance at Bob's datacenter even if Alice was using a baremetal. If she were to migrate to such a setup, then ensuring a TPM is present on the motheboard and only signed firmware updates are accepted would be a first step. This wouldn't protect her from a malicious update signed with a legitimate key as some government agency could deploy.
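Review bot: In the Countermeasures paragraph, "ensuring a TPM is present on the motheboard and only signed firmware updates are accepted" puts two separate controls into one clause without saying what the TPM contributes against a malicious BMC firmware update; split them and state what each one is expected to check. The last sentence names a residual risk (an update signed with a legitimate key) and stops there, so say whether Alice accepts that risk or how she would notice such an update. Wording in the same paragraph: "schedule maintenance" should be "scheduled maintenance", "motheboard" should be "motherboard", and "a baremetal" needs a noun, for example "a bare-metal server".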