ptresearch / IntelTXE-PoC

Intel Management Engine JTAG Proof of Concept

[Question] Target to Intel ME #7

Closed jhong3842 closed 5 years ago

jhong3842 commented 5 years ago

I have a question.

In order to access Intel ME through DCI, I must run Intel JTAG PoC using bof?

Simply, when enabling and debugging DCI, is it impossible to access Intel ME threads?

What should I do if I create a PoC that targets other hardware for ME, not TXE?

Here's what I understand:

Vulnerability in the bup config file of CVE-2017-5705, 6, 7 can be used to execute arbitrary code.

To access the Intel ME, we need to configure the Token. Token has orange and red.

However, I'm not sure about the vulnerability and its relevance to Token.

Thank you

h0t commented 5 years ago

Hi @jhong3842.

> In order to access Intel ME through DCI, I must run Intel JTAG PoC using bof? Simply, when enabling and debugging DCI, is it impossible to access Intel ME threads?

Yes, we use INTEL-SA-00086 to activate JTAG for Intel ME core.

> What should I do if I create a PoC that targets other hardware for ME, not TXE?

You need to implement a PoC for your platform. You can use information from our Black Hat presentation.

> However, I'm not sure about the vulnerability and its relevance to Token.

We activated JTAG directly through the internal DFX-AGG device. We didn't use the red/orange unlock token. In our PoC the token is required to activate access to the DFX-AGG device.