Views: 8,148,460 Home | Forums | Uploader | Wiki | Object databases | IRC
Rules/FAQ | Memberlist | Calendar | Stats | Online users | Last posts | Search
03-23-18 05:17 AM

0 users reading Dell Monitor Exploit | 1 bot

Main - Computers and technology - Dell Monitor Exploit New reply

Posted on 08-13-16 03:25 PM Link | #76086
Source (Github Repo)

This exploit attacks the on-screen-display controller (OSD) through the monitor's USB hub (Or the alternate faster i2c method, which requires the computer to currently be displaying to the monitor.), allowing arbitrary code execution.
More in-depth explanation:
The Dell 2410U monitor has a Genesis (now owned by ST) display controller onboard. The exploit sends debug messages to this chip using Genesis's "GProbe" protocol over DDC2bi, which lets it write to RAM, read and write display registers, execute arbitrary code, reflash the device, etc. DDC2bi is a part of display protocols such as HDMI and DisplayPort which normally lets the computer do things like control the monitor's color settings and get the resolution of the monitor.
What can be done with this is arbitrarily writing pixels to the monitor via the exploit. A potential malicious use for this could be faking a PayPal balance, as shown in the example screenshot in the repo.

Website | Twitter

Posted on 08-13-16 03:38 PM Link | #76088
I'm only 12 so I only understand the malicious part, which really worries me now D:

I heard on Twitter those types of monitors contain a small PC or something, is this related to it?

follow twitter me on @altypepper

Posted on 08-13-16 03:41 PM Link | #76090
If you mean this tweet, then pretty much.

(Just keep this in mind, it's not exactly a PC.)

Website | Twitter

Posted on 08-13-16 04:08 PM Link | #76092
faking things by plotting OSD pixels sounds too gross to really be practical in a real-world attack

NSMBHD - Kafuka - Jul

what do you use to measure bolts? a boltmeter

Main - Computers and technology - Dell Monitor Exploit New reply

Page rendered in 0.022 seconds. (2048KB of memory used)
MySQL - queries: 26, rows: 196/196, time: 0.013 seconds.
[powered by Acmlm] Acmlmboard 2.064 (2017-11-20)
© 2005-2008 Acmlm, Xkeeper, blackhole89 et al.