LegbaCore training announcement

The 2-day agenda:
    Introduction to BIOS concepts
        General system configuration responsibilities
        Security-specific configuration responsibilities
    Hardware architecture
        ICH/MCH/PCH
        SPI flash chip
    Usage of PCI for x86 system internals
    Talking to hardware through the PCI configuration space
    PCI Option ROMs (and their use in attack)
    BIOS access control mechanisms
        How they fail
        Tools to detect their failure
    System Management Mode (SMM)
        Why SMM is basically the best place for an attacker to live on an x86 system
        Discussion of how the BIOS instantiates SMM from flash chip contents
        Discussion of how attackers can break into SMM even without persisting on the flash chip
    Introduction to UEFI BIOS
        The UEFI phases and security parameters specific to UEFI
        UEFI Firmware Filesystem
    Reverse engineering UEFI modules
        Applying UEFI structure definitions in IDA Pro
    How Secure Boot & Measured Boot work
        Attacks against Secure Boot
        Attacks against Measured Boot
    Specific tools useful for performing further firmware security research
        RWEverything
        ChipSec

http://gsec.hitb.org/sg2015/sessions/tech-training-6-introductory-bios-smm-attack-defense/

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s