abadideajunior infosec: how could you even consider plugging in an SD card you found on the ground, it could be malicious!
senior infosec: if they can root my macbook m3 from plugging in an SD card then they deserve to run whatever the hell they want
Jorin@0xabad1dea I'd be really impressed by an SD card doing that! :D
Jernej Simončič �@jorin @0xabad1dea If the reader is USB, this is fairly unlikely. If the reader is connected in a more direct way (SDIO), it's not that far-fetched (you can connect a lot of through SDIO; quite a few tablets have WiFi cards on the SDIO bus).
Zimmie@jernej__s @jorin @0xabad1dea Or the much newer SD Express. It’s basically NVMe in the form of an SD card. Readers are about as rare as Thunderbolt thumb drives, though.
@bob_zim @jorin @0xabad1dea I've yet to see a SDExpress card or reader. SDIO readers at least used to be very common in laptops.
Ge0rG@jernej__s
Looks like SD Express is not only NVMe but also PCIe! Time to find some gear and port https://github.com/carmaa/inception
@bob_zim @jorin @0xabad1dea
Looks like SD Express is not only NVMe but also PCIe! Time to find some gear and port https://github.com/carmaa/inception
@bob_zim @jorin @0xabad1dea
GitHub - carmaa/inception: Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.
Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces. - carm...