Design And Implementation Of Remote Firmware Layer Attack Tools Management System

With the development of UEFI,the number of attacks on the firmware layer is increasing,and the security of the firmware layer has become a hot topic in the field of information security.Even though the UEFI has been resolved the difficult of set or expand and other issues of traditional BIOS,but it bringing more and more security risks at the same time,The attack of the firmware layer is not only destructive and difficult to detected,but also has more and more method.In order to protect the bottom security of the computer system,find out the possible loopholes in the UEFI BIOS and improve the security of the firmware layer is the primary task of security issues.Therefore,based on the demonstration system of firmware attack detection and development system,this paper studies the existing firmware layer attack mode and obtains the corresponding malicious code instance,and combines the technical means of network layer penetration attack to realize the experiment and teaching Remote firmware attack tool management system development,standing on the attacker's point of view,through the management and transfer of the attack tools of firmware layer to implement non-destructive attack behavior to target system.The main research contents and results are as follows:(1)Research on various existing firmware layer attack ways such as SMM vulnerability and BIOS Rootkit,summarizes the commonness and difference of the corresponding attack instances in different ways,and designs a reliable and easy implementation management style of the malicious code of the firmware layer.(2)Learning the principles and processes of remote implantation,including vulnerability scanning and penetration attacks,master the role and characteristics of the representative attack tools in each step so as to design the integration of the corresponding attack tools or function.(3)Analyze stability,scalability and other analysis of the system,the browser side is responsible for controlling the entire process of the remote attack of the firmware layer to the target system,an attack tools management set is designed in the server side to facilitate the dynamic expansion and instantiation of attack tools in the system.(4)Taking functional design of the system,provide basic login and logout function and management function which can increase,inquire or delete the attack tools according to the malicious codes management methods,support the dynamic expansion of new attack tools and attack mode,create new task and transfer the tools which has been integrated in the system to complete the corresponding task of remote firmware layer.(5)Taking system functional testing after code implement about the functional design of the system,the test results shows that the system manages and calls the attack tools smoothly and completes the attack task successfully.