On Friday, July 15, 2016 at 12:00:11 AM UTC-4, raah...@gmail.com wrote: > On Thursday, July 14, 2016 at 11:57:48 PM UTC-4, neilh...@gmail.com wrote: > > But it's still not clear how these malicious packets can be sent to the > > network card.... can these be sent after compromising an App VM (via > > something like a browser exploit)...?? > > > > Or can they be sent just purely over the internet itself to any device > > connected to the web...? Directly send packets just over the web? > > > > Or does it require attacking the Net VM, and not just the App VM... however > > that would be done...? > > > > I'm just trying to figure out FROM WHERE the network card could be attacked. > > all network packets go to your network card. I'm not sure what you mean? It > can be attacked from anywhere in the world wide web.
I guess you are asking me specifically how? I dunno man i'm a noob. I guess there is many ways, for example reverse shell from buggy dhclient or icmp packet. or who the heck knows. Probably too many possibilities to list. Joannas blog mentioned poc from buffer overflow. Anothing thing to consider is you have to trust the intel firmware sometimes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8b0d3cd9-2dd1-48c3-9279-852f3ccd083d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
