Tools:Memory Imaging
From ForensicsWiki
At CanSec West 05, Michael Becher, Maximillian Dornseif, and Christian N. Klein discussed an exploit which uses DMA to read arbitrary memory locations of a firewire-enabled system. The paper lists more details. The exploit is run on an iPod running Linux. This can be used to grab screen contents.
In theory, this could be used with the ... to send through an exploit code that would cause the system to dump the contents of its hard drive back to the iPod.