Gregory's Server@dangoodin @matrosov I don't see how this could be exploited remotely. As far as I understand, a malicious image file has to make it's way onto the EFI system partition first, or did I miss something?
|
7 comments
 @fell @dangoodin @matrosov hai, this is h.acker, please put this image here on your disk and It will enhance your computer greatly. @hanscees @fell @dangoodin @matrosov It doesn't even have to be a complete lie, just "put this image here" and it actually will display a picture of, idk, Harry Styles when you turn your computer on.  @carey @hanscees @dangoodin @matrosov Microsoft was wise when they decided they're not going to let Windows users access the ESP.  @fell @carey @hanscees @matrosov Wait, what's the basis for saying Windows users can't access the ESP? https://duckduckgo.com/?t=ffab&q=how+to+access+efi+partition+in+windows @dangoodin @carey @hanscees @matrosov The basis is that I never saw it when I clicked on "This PC". Is it possible? @fell @dangoodin @carey @matrosov I really dont know at this point. But if you can get a user to execute something "click here and this pic becomes your background" you can run a script and So on. |
@fell @dangoodin @matrosov i think that's what Dan meant about a post exploit attack. You'd need to be infected/hacked via another method first, which would then establish persistence/privilege escalation via LogoFail.
Or alternatively have someone with physical access, like it says in the article