Cold Boot Attack Tools for Linux

Did you know that RAM doesn't clear the moment it loses power? That it can persist for up to a few minutes if chilled? Learn about attack techniques that take advantage of these facts to uncover encryption keys and break disk encryption.

Kyle Rankin is a Senior Systems Administrator in the San Francisco Bay Area and the author of a number of books, including Knoppix Hacks and Ubuntu Hacks for O'Reilly Media. He is currently the president of the North Bay Linux Users' Group.

______________________

Kyle Rankin is a director of engineering operations in the San Francisco Bay Area, the author of a number of books including DevOps Troubleshooting and The Official Ubuntu Server Book, and is a columnist for Linux Journal.

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Unbelievable. Always a

Anonymous's picture

Unbelievable. Always a problem. Even the author's fix doesn't work. Gotta love the code monkeys who can't explain their own work. It's useless unless other people can benefit from it.

PXE files

Anonymous's picture

There are two files under the "pxe" directory, "scrapper" and "scrapper.bin", i'm assuming one is kernel and the other is init image?

i had the same problem...

RowanH's picture

i had the same problem... apparently -fno-stack-protector-all is not a valid option on my machine.. no idea why and i really don't care that much so long as i can compile.

a quick workaround:-

use an older compiler alongside your existing setup- this is actually useful in many situations,
if your a debian-derivative, e.g. ubuntu:

apt-get install gcc-3.4

make CC=gcc-3.4

hope this is helpful to someone

A MindMap of Same

Mitch Frazier's picture

For those of you that like mind maps: Cold Boot Mind Map

Mitch Frazier is an Associate Editor for Linux Journal.

compile

splashd's picture

I could not get the code to compile, even after correcting t he pxe/Makefile as the author outlined.

I still get the "__stack_chk_fail" message

reply

dm0n7's picture

add -fno-stack-protector to the Makefile in the following sub-directories: stand, pxe, and usb.

It should then compile.

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix