From the makers of the FACT firmware tool:
This is a monitoring plugin to check components and health status of systems which support Redfish.[…]
[…]Here’s the short answer: you can’t prevent it — at least, not entirely.[…]
The post-DEF CON/Black Hat queue: 🙂
Intel® Computing Improvement Program Advisory
Intel® Processor Identification Utility for Windows* Advisory
Intel® Remote Displays SDK Advisory
Intel® Driver & Support Assistant Advisory
Intel® Authenticate Advisory
Intel® NUC Advisory
Intel® RAID Web Console 2 Advisory
See-also: related zines like Phrack and POC||GTFO.
Firmware slap combines concolic analysis with function clustering for vulnerability discovery and function similarity in firmware. Firmware slap is built as a series of libraries and exports most information as either pickles or JSON for integration with other tools.
The Platform Security Summit for 2019 will be in Redmond, WA (West Coast). Last year it was in Fairfax, VA (East Coast). I’m guessing there’ll be more talks from Microsoft this year. 🙂
The web site still talks about the 2018 event, the above tweet is the only “CFP” I have yet seen for the 2019 event.
Videos from last year:
There’s another UEFI game, Mario-like:
Sitel Amin of ARM has a new blog post about ARM-based mobile security technologies:
We are in the middle of a security arms race on devices. It is a never-ending cycle where hackers will think of new ways to find vulnerabilities and where we in the industry constantly try to stay one step ahead with innovations that lead to better and stronger security. […]
Some BlackHat presentations are starting to become available to the public:
Boot to root 🙂 Converts stock boot images and adds hidden root (accessible via netcat session), patches selinux and adds adb. Tested with Android 4.x – 9.x.
oreboot is a downstream fork of coreboot, i.e. oreboot is coreboot without ‘c’. oreboot will only target truly open systems requiring no binary blobs. oreboot is mostly written in Rust, with assembly where needed. oreboot currently only plans to support LinuxBoot payloads.
Hmm, I can’t find the source code, just a blog and a PDF. Maybe I missed it…
[…] To help security researchers, we have developed LLDBFuzzer, which is based on the LLVM Project’s next-generation debugger called Low Level Debugger (LLDB). We tested LLDBFuzzer on a MacPro’s AMD graphic drivers. These drivers are used to accelerate and optimize 2D, 3D and video rendering, and they contain many interfaces that the user space can access; these features make them a good target for LLDBFuzzer. LLDB is not suitable for debugging low-level kernel components, but it can debug almost all the kernel extensions and XNU codes after the required hardware is operational. Based on these features, this is the novel fuzzing architecture of LLDBFuzzer […]
Plato has written a new tool to his collection of BIOS Utilities:
Inspired from https://github.com/LongSoft/PFSExtractor-RS by Nikolaj Schlej
The main idea of FwAnalyzer is to provide a tool for rapid analysis of filesystem images as part of a firmware security Q&A check suite. FwAnalyzer takes a configuration file that defines various rules for files and directories and runs the configured checks against a given filesystem image. The output of FwAnalyzer is a report, which contains the list of files that violate any of the rules specified in the configuration. The report further contains meta information about the filesystem image and, if configured, information extracted from files within the analyzed filesystem. The report is formatted using JSON so it can be easily integrated as a step in a larger analysis.
AMD updated: “AMD64 Architecture Programmer’s Manual Volume 2: System Programming” in July 2019. The last update was back in September 2018. Changes:
3.31 Added CLWB and WBNOINVD details.
Clarified FP error pointer save/restore behavior.
Corrected description of APIC Software Enable functionality.
Clarified canonical address checking behavior.
Clarified fault generation for instructions that cross page or segment boundaries.
IoT device Firmware Reverse Engineering is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods. Firmware is a piece of code written for specific hardware to perform different operations and control the device. In this blog, we will learn how to access the file system of a TP-Link Router TL-WR841N.[…]
Two new UEFI apps, written in the Zig language:
UEFI-Paint is a paint app.
UEFI-Diag shows basic diagnostic information about the UEFI environment.