Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Direct Memory Access (DMA) Attack Software
Quote:PCILeech Summary:

The PCILeech use the USB3380 chip in order to read from and write to the memory of a target system. This is achieved by using DMA over PCI Express. No drivers are needed on the target system. The USB3380 is only able to read 4GB of memory natively, but is able to read all memory if a kernel module (KMD) is first inserted into the target system kernel. Reading 8GB of memory from the target system take around one (1) minute. The PCILeech hardware is connected with USB3 to a controlling computer running the PCILeech program. PCILeech is also capable of inserting a wide range of kernel modules into the targeted kernels - allowing for pulling and pushing files, remove the logon password requirement, loading unsigned drivers, executing code and spawn system shells. The software is written in visual studio and runs on Windows 7/Windows 10. Supported target systems are currently the x64 versions of: Linux, FreeBSD, macOS and Windows.


PCILeech is dependant on the PLX Technologies USB3380 chip. The actual chip can be purchased for around $15, but it's more convenient to purchase a development board on which the chip is already mounted. Development boards can be purchased from BPlus Technology, or on eBay / Ali Express. Please note that adapters may be required too depending on your requirements.

The hardware confirmed working is:
  • USB3380-EVB mini-PCIe card.
  • PP3380-AB PCIe card.
Please note that the ExpressCard EC3380-AB is not working!

Recommended adapters:
  • PE3B - ExpressCard to mini-PCIe.
  • PE3A - ExpressCard to PCIe.
  • ADP - PCIe to mini-PCIe.
  • Sonnet Echo ExpressCard Pro - Thunderbolt to ExpressCard.
Please note that other adapters may also work.
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV

Forum Jump:

Users browsing this thread: 1 Guest(s)