Master issue for THARD-2

Open Rafiot opened this issue 10 years ago • 4 comments

Review of the attack surface on the rPI (e.g. power analysis)

Jun 10 '15 09:06 Rafiot

https://github.com/CIRCL/Circlean/blob/master/doc/Technical_Notes/TNO_Raspi_boot.pdf

Jan 29 '16 10:01 Rafiot

Exploiting libmagic
- Writing a malicious binary to the second USB
- Returning a fake MIMEtype

Feb 10 '17 18:02 moshekaplan

I didn't see any recent vulnerability in libmagic allowing command execution. Do you have references?

Fake MIMEtype is assumed, we use it for information and cross check with the extension of the file (see polyglot files).

Feb 11 '17 08:02 Rafiot

Unfortunately, this is the only reference I could find : https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2014-1606 , but it only has DoS and no code execution.

Feb 12 '17 01:02 moshekaplan