Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Computrace Backdoor Revisited

Black Hat via YouTube

Start learning Write review
Boot.dev Ad

The Most Addictive Python and SQL Courses

Learn More CourseHorse Ad

The Perfect Gift: Any Class, Never Expires

Learn More

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the security vulnerabilities in modern anti-theft technologies embedded in firmware and PC BIOS of popular laptops and desktop computers. Delve into the potential misuse of Absolute Computrace anti-theft software as an advanced removal-resistant BIOS-based backdoor. Learn about unauthorized activations, network security flaws, and how to exploit remote hosts running Computrace. Discover the inner workings of Computrace, including its suspicious behavior, detection rates, and protocol attacks. Examine the vulnerable protocol design, demo environment, and communication methods of the main agent. Understand local attacks on the configuration block and learn how to detect and deactivate Computrace. Gain insights into similar cases like Radmin and receive practical advice for protecting against these security risks.

Syllabus

Intro
Where is Computrace?
Why this research?
How does it work?
Suspicious Behavior
VT Detection Rate
Attacks on Protocol
Small Agent Protocol
Communication explained
Vulnerable Protocol Design
Demo Environment
Main Agent (rpcnet.exe)
Main Agent Communication
Vulnerable Protection Mechanism
Local attacks - Configuration Block
How to detect Computrace?
How about network detection?
Who activated Computrace?
How to deactivate Computrace?
Some advice
Similar Case: Radmin

Taught by

Black Hat

Reviews

Start your review of Computrace Backdoor Revisited

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.