Every modern computer system based on Intel architecture has Intel Management Engine (ME) – a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). On the one hand, these capabilities allow Intel to implement many features and technologies based on Intel ME. On the other hand, it makes Intel ME a tempting target for an attacker. Especially, if an attack can be conducted remotely.
Here, Intel Active Management Technology (AMT) fits perfectly – it is based on Intel ME and means for a remote administration of computer system. In this talk we will discuss the methods of remote pwning of almost every Intel based system, manufactured since 2010 or later.
Alexander Ermolov
Dmitriy Evdokimov
Maksim Malyutin