PCILeech uses PCIe devices to read from and write to target system memory. This is achieved by using DMA over PCIe. No drivers are required on the target system.
PCILeech supports multiple hardware devices. For now, only the USB3380 is available to the public. The USB3380 can natively read only 4 GB of memory, but it can read all of the memory if a kernel module (KMD) is first inserted into the target system's kernel.
PCILeech is capable of inserting a wide range of implants into the kernel, allowing easy access to live RAM and the file system through a "mounted drive".
It is also possible to remove the login password requirement, load unsigned drivers, execute code and spawn a system shell. PCILeech runs on Windows/Linux/Android. Supported target systems are currently the x64 versions of UEFI, Linux, FreeBSD, macOS, and Windows.
Specifications:
- Retrieve memory from the target system at >150 MB/s.
- Write data to the target system memory.
- Access 4 GB of memory in native DMA mode.
- ALL memory can be accessed if the kernel module (KMD) is loaded.
- Mount live RAM as a file [Linux, Windows, macOS].
- Mount the file system as a drive [Linux, Windows, macOS].
- Execute kernel code on the target system.
- Spawn a system shell [Windows].
- Spawn any executable [Windows].
- Load unsigned drivers [Windows].
- Download files [Linux, FreeBSD, Windows, macOS].
- Patch / Unlock (remove password requirement) [Windows, macOS].
- Easy creation of your own kernel shellcode and/or custom signatures.
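To make the 4 GB native DMA limit listed above concrete from a defender's side, the following added example (not part of PCILeech or the original article) parses a Linux /proc/iomem-style memory map and reports how much System RAM lies below the 4 GiB physical address boundary, and so within reach of native DMA mode without a KMD. The sample map and the function name ram_exposure are constructed for illustration, and the code assumes the native window covers physical addresses 0 to 0xFFFFFFFF.

```python
# Added example (not PCILeech code): split "System RAM" ranges at the 4 GiB line.
import re

# Assumption: native DMA mode reaches physical addresses 0 .. 0xFFFFFFFF.
FOUR_GIB = 1 << 32

# Constructed sample in /proc/iomem format for a machine with 8 GiB of RAM.
SAMPLE_IOMEM = """\
00001000-0009ffff : System RAM
000a0000-000bffff : PCI Bus 0000:00
00100000-bfffffff : System RAM
  01000000-01ffffff : Kernel code
c0000000-feffffff : PCI Bus 0000:00
100000000-23fffffff : System RAM
"""

# Only top-level entries are counted; indented (nested) lines do not match.
LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) : System RAM$")


def ram_exposure(iomem_text):
    """Return (bytes_below_4g, bytes_above_4g) of top-level System RAM."""
    below = above = 0
    for line in iomem_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        start = int(m.group(1), 16)
        end = int(m.group(2), 16) + 1  # /proc/iomem ends are inclusive
        # Portion of this range that sits under the 4 GiB boundary.
        low_part = max(0, min(end, FOUR_GIB) - start)
        below += low_part
        above += (end - start) - low_part
    return below, above


if __name__ == "__main__":
    below, above = ram_exposure(SAMPLE_IOMEM)
    total = below + above
    print(f"System RAM below 4 GiB: {below / 2**20:.0f} MiB "
          f"({100 * below / total:.1f}% of RAM)")
    print(f"System RAM above 4 GiB: {above / 2**20:.0f} MiB")
```

On a real Linux host, feed it the contents of /proc/iomem read as root; unprivileged reads show zeroed addresses.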
Installation
git clone https://github.com/ufrisk/pcileech.git
Windows
The Google Android USB driver must also be installed. Download the Google Android USB Driver from http://developer.android.com/sdk/win-usb.html#download
Unzip it and open Device Manager. Right-click the computer and choose Add legacy hardware. Select manual installation of the hardware. Click Have Disk. Browse to the Android driver folder, select android_winusb.inf and install it.
To mount live RAM and the target file system as a drive in Windows, the Dokany file system library must be installed. Download and install the latest version of Dokany from https://github.com/dokan-dev/dokany/releases/latest
Linux and Android
See the PCILeech-on-Linux guide for information about running PCILeech on Linux, or the PCILeech-on-Android guide for Android.
You will find information on using the program here.