Every modern computer system based on Intel architecture has Intel Management Engine (ME) – a built-in subsystem with a wide array of powerful capabilities (such as full access to operating memory, out-of-band access to a network interface, running independently of CPU even when it is in a shutdown state, etc.). On the one hand, these capabilities allow Intel to implement many features and technologies based on Intel ME. On the other hand, it makes Intel ME a tempting target for an attacker. Especially, if an attack can be conducted remotely.
Here, Intel Active Management Technology (AMT) fits perfectly – it is based on Intel ME and means for a remote administration of computer system. In this talk we will discuss the methods of remote pwning of almost every Intel based system, manufactured since 2010 or later.