win 8 boot process hacked

Discussion in 'Windows 8' started by amiga, Nov 23, 2011.

  1. amiga

    amiga MDL Junior Member

    Aug 11, 2007
    87
    94
    0
    Interesting article of win8 boot process that got hacked giving full root access.

    Pulled this from extratorrent but google search brings it up on several sites such as it-networks, itworld, tech2date etc


    Article:

    One of the insecurity experts has already shown how easy one can hack your way past controversial boot-up security of the new Windows OS and gain root access.

    An independent developer and security analyst Peter Kleissner from Austria is planning to release the first known “bootkit” for Microsoft’s new OS. The bootkit is able to load from a hard drive’s master boot record and remain in computer’s memory all the time during the startup of the Windows 8, thus providing root access to the operating system.

    Boot loader developed for Windows 8 is specifically designed to stop malware and security breaches. This includes measures demanding that any software loaded at boot time has to be authenticated with a valid digital signature. Microsoft developers believe that this would protect the PC from malware, as it would block any unsigned applications from loading into PC’s memory before startup. However, this feature angered open-saucers who believe that it was designed with the intention to kill Linux distributions like Red Hat and Ubuntu that don’t have a digital signature.

    Peter Kleissner explained that his exploit defeats the security features of the new Boot Loader of the Microsoft’s OS, which has angered open-saucers because of the suspicion that it will prevent them from running dual booted systems. He has also pointed out that the exploit in question didn’t actually target the Unified Extensible Firmware Interface, but rather went after legacy BIOS. Kleissner is going to share his findings with the Microsoft developers.

    The Austrian insecurity expert is known for his Stoned bootkit which is recognized as a proof-of-concept exploit able to attack Windows XP, Vista, 7, and even Windows Server 2003. The bootkit could even install itself into the Windows kernel and thus get unrestricted access to the whole system. This also worked with systems having encrypted drives.

    The expert explained that his bootkit Stoned Lite features an infector file of just 14kb, which could be started from a USB drive or CD. Peter Kleissner is also thinking about adding in some in-memory patching, which could allow him to change the password validation routine in Microsoft’s OS in order to accept any password as if they were valid for an account. So, Windows 8 has been hacked even before its release.


    Just incase anyone was interested :)
     
  2. Nawzil

    Nawzil MDL Guru

    Jun 18, 2011
    2,206
    787
    90
    This is old news.
    You did not have to create a thread for this.
    I wonder which Mod approved this.
     
  3. Fraggy

    Fraggy MDL Addicted

    Jun 13, 2011
    734
    389
    30
    Let's hope MS devs will fix that security breach till RTM
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,800
    90
    Let's hope not, I smell potential activation exploits here. But currently no builds that take advantage of secure boot have made it outside MS' buildings (confirmation from canouna requested :) ), so he couldn't have tested it yet...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. free1975yuly

    free1975yuly MDL Expert

    Aug 24, 2011
    1,763
    149
    60
    will you wanna post the results here?
     
  6. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,175
    10,934
    340
    It has been mentioned at the UEFI thread already, yes. But there is actually no thread about to discuss it.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Nawzil

    Nawzil MDL Guru

    Jun 18, 2011
    2,206
    787
    90
    So you agree with the idea of creating this thread?
     
  8. Nawzil

    Nawzil MDL Guru

    Jun 18, 2011
    2,206
    787
    90
    Oh ok .
     
  9. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,175
    10,934
    340
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. free1975yuly

    free1975yuly MDL Expert

    Aug 24, 2011
    1,763
    149
    60
    Ok,no problem...:eek:
     
  11. Pegatron

    Pegatron MDL Member

    Jul 5, 2010
    143
    13
    10
    Booting

    The 'win 8 boot process' somehow disables my internet access to Mac OS Leopard. I am dual booting and everything works fine in any OS build other than Windows Developer Preview. I went back to 7989. I am going to figure out why? :confused:
     
  12. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,800
    90
    That's weird...but I have no idea what could cause that.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. cyberdoc888

    cyberdoc888 MDL Novice

    Aug 14, 2012
    19
    6
    0
    you can protect you pc..... just use (nprotect mbr guard) it is a free download
     
  14. Okabe

    Okabe MDL Novice

    Sep 8, 2012
    3
    1
    0
    But since there are no such things as pre-activated OEM keys in Windows 8 at all (every system gets a unique product key loaded in the BIOS SLIC that actually _needs_ to phone home and activate when you first boot the machine), it's literally _impossible_ for an activation exploit to be created. There is NO METHOD to pre-activate in SLIC for Windows 8. It doesn't matter a fine deal at all if you can get a boot loader to run, the activation of Win8 retail is still only via web (or phone), and you need a valid key.

    It's why everyone's jumping on the enterprise wagon and fooling with KMS. The only activation exploits you'll ever get are for KMS emulation, like Office 2010 now, I guarantee it.
     
  15. Espionage724

    Espionage724 MDL Addicted

    Nov 7, 2009
    902
    255
    30
    - Sounds like some cheap malware program in my opinion (not saying it is though)
    - It doesn't even appear to be updated for Windows 8
    - Looks like a simple program that stops things from writing to MBR. avast! (and probably other recent anti virus programs) can already do this, and I think even some BIOS's have an option to protect MBR, which would even be safer
     
  16. TonyTones

    TonyTones MDL Novice

    Jul 13, 2010
    35
    27
    0
    Have you tried turning off the Fast Start Up/Hybrid feature in Windows 8? There is a good chance it could be causing the problem.
     
  17. cyberdoc888

    cyberdoc888 MDL Novice

    Aug 14, 2012
    19
    6
    0
    #17 cyberdoc888, Sep 10, 2012
    Last edited: Sep 10, 2012
    try it .... you can not get past it.

    you can protect you pc..... just use (nprotect mbr guard) it is a free download

    try it .... you can not get past it.
    I will give you 500 bucks if you can get anything to write to the MBR..... it can not be done...