Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost* any powered on machine you have physical access to. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.

Inception aims to provide a stable and easy way of performing intrusive and non-intrusive memory hacks in order to unlock live computers using FireWire SBP-2 DMA. It it primarily attended to do its magic against computers that utilize full disk encryption such as BitLocker, FileVault, TrueCrypt or Pointsec. There are plenty of other (and better) ways to hack a machine that doesn't pack encryption.

As of version 0.3.5, it is able to unlock the following x86 and x64 operating systems:

(1): If FileVault 2 is enabled, the tool will only work when the operating system is unlocked. (2): Other Linux distributions that use PAM-based authentication may also work using the Ubuntu signatures. (3): x86 only.

The tool also effectively enables escalation of privileges, for instance via the runas or sudo -s commands, respectively. More signatures will be added. The tool makes use of the libforensic1394 library courtesy of Freddie Witherden under a LGPL license.