Closed cofarmer closed 4 years ago
That blog entry is a few years old now and Microsoft have been securing Thunderbolt meanwhile.
I'm not sure that's your issue though. If you're able to read memory I suspect PCILeech is trying to read some memory that belongs to a device which doesn't like it - hence the bluescreen.
Alternatively, if a signature was found and patching started Windows sometimes bluescreens, either due to an outdated patch signature or maybe due to Windows patch guard.
The signatures are currently somewhat outdated. I hope to find the time to look into this in February (sadly not before due to other upcoming engagements).
Oh,thanks.Happy marriage.
First, i have browsed this blog: http://blog.frizk.net/2016/10/dma-attacking-over-usb-c-and.html,it was used USB3380 board, but now, i have a SP605/FT601 and a Thunderbolt device, and the target system is Windows 10 x64, when start patch signature with pcileech, a few memory readed only, no more can be readed then, and the target os died. Do you know why this happened?