We X-Rayed a Suspicious FTDI USB Cable

(eclypsium.com)

40 points | by aa_is_op 1 hour ago

4 comments

  • invokestatic 37 minutes ago
    I have a slow burn project where I simulate a supply chain attack on my own motherboard. You can source (now relatively old) Intel PCH chips off Aliexpress that are “unfused” and lack certain security features like Boot Guard (simplified explanation). I bought one of these chips and I intend to desolder the factory one on my motherboard and replace it with the Aliexpress one. This requires somewhat difficult BGA reflow but I have all the tools to do this.

    I want to make a persistent implant/malware that survives OS reinstalls. You can also disable Intel (CS)ME and potentially use Coreboot as well, but I don’t want to deal with porting Coreboot to a new platform. I’m more interested in demonstrating how important hardware root of trust is.

    • Nextgrid 27 minutes ago
      > persistent implant/malware that survives OS reinstalls

      Try attacking NIC, server BMC or SSD firmware. You will achieve your goal without any hardware replacement needed.

      • invokestatic 7 minutes ago
        Yeah, but that doesn’t give me a reason to use the hot air station and hot plate collecting dust on my desk ;)
  • gregsadetsky 22 minutes ago
    Yeah - these [0] kinds of cables are so extremely scary.

    "The O.MG Cable is a hand made USB cable with an advanced implant hidden inside. It is designed to allow your Red Team to emulate attack scenarios of sophisticated adversaries"

    "Easy WiFi Control" (!!!!!)

    "SOC2 certification"? Dawg, the call is coming from inside the house...

    [0] https://shop.hak5.org/products/omg-cable

  • trinsic2 14 minutes ago
    Jeez. I was not sure which image was the suspect one.
    • Neywiny 10 minutes ago
      If you've read the docs, which I'm not saying anyone is expected to, FTDI tends to put buffers on their outputs. That's what gave it away for me. The little sot-23-5 footprints.
      • trinsic2 2 minutes ago
        I wanted to try and figure it out before I did that. No dice.
  • stainablesteel 18 minutes ago
    It's a serious problem.

    They could be regulated to expose their chip with a transparent covering rather than plain dark wiring.