Andrey Konovalov oa Google
Lockdown e thibela phihlello ea basebelisi ho kernel mme e thibela UEFI Secure Boot bypass litsela. Mohlala, ka mokhoa oa ho koala, ho fihlella /dev/mem, /dev/kmem, /dev/port, /proc/kcore, debugfs, kprobes debugging mode, mmiotrace, tracefs, BPF, PCMCIA CIS (Sebopeho sa Boitsebiso ba Karete), tse ling li-interfaces li lekanyelitsoe ACPI le li-rejista tsa MSR tsa CPU, li-call ho kexec_file le kexec_load li koetsoe, mokhoa oa ho robala o thibetsoe, tšebeliso ea DMA bakeng sa lisebelisoa tsa PCI e lekanyelitsoe, ho kenngoa ha khoutu ea ACPI ho tsoa ho mefuta-futa ea EFI ho thibetsoe, ho qhekella ka likoung tsa I / O ha ho joalo. e lumelletsoe, ho kenyelletsa ho fetola nomoro ea tšitiso le boema-kepe ba I/O bakeng sa boema-kepe ba serial.
Mochini oa Lockdown o sa tsoa eketsoa ho kernel ea mantlha ea Linux
Ho Ubuntu le Fedora, motsoako oa senotlolo Alt + SysRq + X o fanoa ho thibela Lockdown. Ho utloisisoa hore motsoako oa Alt + SysRq + X o ka sebelisoa feela ka phihlello ea 'mele ho sesebelisoa,' me molemong oa ho hacking hole le ho fumana metso, mohlaseli a ke ke a khona ho tima Lockdown mme, mohlala, ho kenya module e nang le rootkit e sa saenneng ka mokhoa oa digital ka har'a kernel.
Andrey Konovalov o bontšitse hore mekhoa e thehiloeng ho keyboard ea ho netefatsa boteng ba mosebelisi ha e na thuso. Mokhoa o bonolo oa ho tima Lockdown e ka ba ho etsa ka mokhoa o hlophisitsoeng
Mokhoa oa pele o kenyelletsa ho sebelisa sebopeho sa "sysrq-trigger" - ho e etsisa, feela nolofalletsa sebopeho sena ka ho ngola "1" ho /proc/sys/kernel/sysrq, ebe u ngola "x" ho /proc/sysrq-trigger. Ho boletse loophole
Mokhoa oa bobeli o kenyelletsa ho etsisa keyboard ka
Source: opennet.ru