Re: Bios Information Leakage
On Tue, 13 Dec 2005, Jonathan Brossard wrote:
The two following techniques were pretty common under MS DOS several years
ago (see the "Bios Companion" [4] for instance).
It made use of debug to access physical ports. Under Linux, this
requires special permissions that are given using ioperm.
The main idea to reset CMOS is to make the checksum fail.
To make the CMOS checksum fail in the 'good old DOS days' I just typed a
file to CLOCK$ which caused the CMOS to be partly overwritten, disabling
the BIOS password checks.
I agree with you on the fact that plaintext password storage is outdated.
Kind regards,
Ron van Daal
The Netherlands