What are the biggest security concerns on PXE? (election machine network boot) - The Great Awakening

What are the biggest security concerns on PXE? (election machine network boot) 🤔💭 Theory 😲💡

posted 3 years ago by ostof 3 years ago by ostof +295 / -0

Nerdpedes,

have a look at

https://security.stackexchange.com/questions/64915/what-are-the-biggest-security-concerns-on-pxe

Best of:

I can capture a full machine image. Do your systems automatically connect to the domain controller after setting up the machine? If so, this image probably has domain controller credentials on it, that I can capture and use elsewhere.

Computer makes a DHCP request --> DHCP server responds with address and PXE parameters --> Computer downloads boot image using TFTP over UDP

If the good guys got the traffic on that low level, unencrypted. Then they would have it all.

47 comments

47 comments share save hide report block hide replies

You're viewing a single comment thread. View all comments, or full comment thread.

Comments (47)

sorted by:

▲ 8 ▼

– RiverWolf 8 points 3 years ago +8 / -0

PXE can be used to silently and automatically install a modified, or entirely different operating system, including one which runs as an ISO (CD/DVD) image, without actually modifying the hard drive, leaving no trace of it, when machine is rebooted.

permalink save report block reply

▲ 4 ▼

– Shockadee 4 points 3 years ago +4 / -0

Are you talking about the winPE environment, I've never seen the ability to download and run an iso in ram without touching the HDD like a live cd. Can you please provide info or instruction on this?

permalink parent save report block reply

▲ 1 ▼

– Jceggbert5 1 point 3 years ago +1 / -0

WinPE can run from RAM, you could boot to a virtual disk over the network, most linux flavors can run as a Live CD...

You can get a lot of stuff running in a WinPE environment, especially if you're the one writing the software.

permalink parent save report block reply

▲ 1 ▼

– Shockadee 1 point 3 years ago +1 / -0

Yes, this is all true but you need to exit the winPE environment to run the OS. You say you can boot to a virtual disk over the network. Wouldn't this be a thin client / terminal services rather than PXE?

permalink parent save report block reply

To The Great Awakening

We are researchers who deal in open-source information, reasoned argument, and dank memes. We do battle in the sphere of ideas and ideas only. We neither need nor condone the use of force in our work here. WE ARE THE PUBLIC FACE OF Q. OUR MISSION IS TO RED-PILL NORMIES.

This is a pro-Q community. Please read and respect our rules below before contributing.

WHY Q?

"Those who cannot understand that we cannot simply start arresting w/o first: ensuring the safety & well-being of the population shifting the narrative removing those in DC through resignation to ensure success defeating ISIS/MS13 to prevent fail-safes freezing assets to remove network-to-network abilities kill off COC to prevent top-down comms/org, etc. etc. should not be participating in discussions." Q