Last night I came across this along my travels and thought I'd share it with you all and see what your opinions are of it. 'Sinkhole' is a recently discovered vulnerability found in older models of Intel's x86 chips. The problem with this is that the vulnerability itself is burned into the silicon of the chip and as such can't be effectively patched, so if you are using older hardware (I believe hardware newer than 2011 has been fixed) you should be worried.
The vulnerability works by taking advantage of the way the processors handle the instructions given to them and injecting arbitrary code, escalating privileged code (ring 0 - the highest privilege level of the user) all the way up to ring -2 - underneath the kernel layer and way beyond the reach of any software such as AVs.
This gives the attacker full access to the hardware, software and even the kernel of the compromised machine, meaning he could modify your OS any way he likes, inject deep undetectable rootkits or, if so inclined, tell the motherboard to stop monitoring temperatures and fire the motherboard.
I don't know too much about the ins and outs yet but found an interesting presentation.
Here is the PoC in .asm assembly language.
Update:
Here are the presentation, ebook, and whitepaper of the exploit:
The Memory Sinkhole - Hardware Level Privilege Escalation
Overview: The memory sinkhole is a design flaw in x86 processors that allows code to escalate privileges into ring -2 (System Management Mode).
What you will get in archive? Video of technique is outlined [Black Hat presentation]; Slides from the presentation; The exploit white paper that...
hellofhackers.com