One of the researchers involved in the project has released the source code for the utilities. The utilities are used to lift crypto keys from memory even after a reboot. The source code was revealed at the 2600 Hackers on Planet Earth (HOPE) conference over the weekend.
If you aren’t up-to-date on this interesting subject, here are the links to previous diary entries by Swa Frantzen back in February.
You can see the research paper, a video explanation and the utility source code here: http://citp.princeton.edu/memory/
Don’t forget that Ed Skoudis and Tom Liston are speaking on this very subject, and on how the methodology can be applied to pen testing and forensics, at SANSFIRE in DC this Friday night, July 25th. Their SANS@Night session starts at 7pm. http://www.sans.org/sansfire08/night.php
Jul 22nd 2008