awesome-embedded-and-iot-security: Awesome List on embedded and IoT security.

From the makers of the FACT firmware tool:

7 new security advisories from Intel

The post-DEF CON/Black Hat queue: 🙂

Intel® Computing Improvement Program Advisory

Intel® Processor Identification Utility for Windows* Advisory

Intel® Remote Displays SDK Advisory

Intel® Driver & Support Assistant Advisory

Intel® Authenticate Advisory

Intel® NUC Advisory

Intel® RAID Web Console 2 Advisory

new zine: Paged Out!

See-also: related zines like Phrack and POC||GTFO.

Firmware_Slap: Discovering vulnerabilities in firmware through concolic analysis and function clustering

Firmware Slap combines concolic analysis with function clustering for vulnerability discovery and function similarity in firmware. Firmware Slap is built as a series of libraries and exports most information as either pickles or JSON for integration with other tools.

Firmware Slap

Platform Security Summit 2019 date set

The Platform Security Summit for 2019 will be in Redmond, WA (West Coast). Last year it was in Fairfax, VA (East Coast). I’m guessing there’ll be more talks from Microsoft this year. 🙂

The web site still talks about the 2018 event, the above tweet is the only “CFP” I have yet seen for the 2019 event.

Videos from last year:

ARM: The Security Arms Race on Devices

Sitel Amin of ARM has a new blog post about ARM-based mobile security technologies:

We are in the middle of a security arms race on devices. It is a never-ending cycle where hackers will think of new ways to find vulnerabilities and where we in the industry constantly try to stay one step ahead with innovations that lead to better and stronger security. […]

BlackHat 2019 USA presentations starting to become available…

Some BlackHat presentations are starting to become available to the public:

Not yet on:

Android_Universal: Android Universal Boot Rooting Toolkit

Boot to root 🙂 Converts stock boot images and adds hidden root (accessible via netcat session), patches selinux and adds adb. Tested with Android 4.x – 9.x.

oreboot: a fork of coreboot, with C removed, written in Rust

oreboot is a downstream fork of coreboot, i.e. oreboot is coreboot without ‘c’. oreboot will only target truly open systems requiring no binary blobs. oreboot is mostly written in Rust, with assembly where needed. oreboot currently only plans to support LinuxBoot payloads.

LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script

Hmm, I can’t find the source code, just a blog and a PDF. Maybe I missed it…

[…] To help security researchers, we have developed LLDBFuzzer, which is based on the LLVM Project’s next-generation debugger called Low Level Debugger (LLDB). We tested LLDBFuzzer on a MacPro’s AMD graphic drivers. These drivers are used to accelerate and optimize 2D, 3D and video rendering, and they contain many interfaces that the user space can access; these features make them a good target for LLDBFuzzer. LLDB is not suitable for debugging low-level kernel components, but it can debug almost all the kernel extensions and XNU codes after the required hardware is operational. Based on these features, this is the novel fuzzing architecture of LLDBFuzzer […]

Figure 1: Dell PFS BIOS Extractor

Plato has added a new tool to his collection of BIOS Utilities:

Inspired from by Nikolaj Schlej

FWAnalyzer: a tool to analyze filesystem images


The main idea of FwAnalyzer is to provide a tool for rapid analysis of filesystem images as part of a firmware security Q&A check suite. FwAnalyzer takes a configuration file that defines various rules for files and directories and runs the configured checks against a given filesystem image. The output of FwAnalyzer is a report, which contains the list of files that violate any of the rules specified in the configuration. The report further contains meta information about the filesystem image and, if configured, information extracted from files within the analyzed filesystem. The report is formatted using JSON so it can be easily integrated as a step in a larger analysis.
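To make the rule-driven design described above concrete, here is a minimal checker in the same spirit, written for this post and not FwAnalyzer's own code: per-path rules plus one image-wide permission check run over an extracted root filesystem, producing a JSON-serialisable report of metadata and violations. The rule names (must_exist, must_not_exist, max_mode) and the sample rootfs it builds are constructed for this example.

```python
import os, shutil, stat, tempfile
from pathlib import Path
# Per-file rules in the spirit of FwAnalyzer's config; the rule names
# (must_exist, must_not_exist, max_mode) are this example's own, not FwAnalyzer's keys.
RULES = {
    "/etc/passwd": {"must_exist": True, "max_mode": 0o644},
    "/etc/shadow": {"must_exist": True, "max_mode": 0o600},
    "/root/.ssh/id_rsa": {"must_not_exist": True},
}

def check_image(root):
    """Run RULES plus a global world-writable check over an extracted rootfs; return a report."""
    root, violations = Path(root), []
    for rel, rule in RULES.items():
        p = root / rel.lstrip("/")
        if rule.get("must_exist") and not p.exists():
            violations.append({"file": rel, "rule": "must_exist"})
        elif rule.get("must_not_exist") and p.exists():
            violations.append({"file": rel, "rule": "must_not_exist"})
        elif p.exists() and "max_mode" in rule:
            mode = stat.S_IMODE(p.stat().st_mode)
            if mode & ~rule["max_mode"]:  # any permission bit beyond the allowed mask
                violations.append({"file": rel, "rule": "max_mode", "mode": oct(mode)})
    files = [p for p in root.rglob("*") if p.is_file()]
    for p in files:  # image-wide check, independent of the per-file rules
        if stat.S_IMODE(p.stat().st_mode) & stat.S_IWOTH:
            violations.append({"file": "/" + p.relative_to(root).as_posix(), "rule": "world_writable"})
    return {"meta": {"file_count": len(files)}, "violations": violations}  # JSON-serialisable

def build_sample_image():
    """Constructed sample rootfs (not a real firmware image) with three planted findings."""
    root = Path(tempfile.mkdtemp())
    planted = {  # relative path: (content, mode)
        "etc/passwd": ("root:x:0:0:root:/root:/bin/sh\n", 0o644),
        "etc/shadow": ("root:$6$placeholder:0:0:99999:7:::\n", 0o644),   # too permissive
        "root/.ssh/id_rsa": ("-----BEGIN PLACEHOLDER KEY-----\n", 0o600),  # must not ship
        "tmp/debug.log": ("boot ok\n", 0o666),                             # world-writable
    }
    for rel, (content, mode) in planted.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(content)
        os.chmod(p, mode)
    return root

def run_demo():
    """Build the sample image, check it, clean up, and return the report dict."""
    root = build_sample_image()
    try:
        return check_image(root)
    finally:
        shutil.rmtree(root)
```

Feeding the returned dict to json.dumps gives the kind of report a CI step can consume; on the constructed image it lists the over-permissive shadow file, the shipped private key and the world-writable log.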

AMD System Programming manual updated

AMD updated “AMD64 Architecture Programmer’s Manual Volume 2: System Programming” in July 2019. The last update was back in September 2018. Changes in revision 3.31:
Added CLWB and WBNOINVD details.
Clarified FP error pointer save/restore behavior.
Corrected description of APIC Software Enable functionality.
Clarified canonical address checking behavior.
Clarified fault generation for instructions that cross page or segment boundaries.

SecureLayer7: How to Start IoT device Firmware Reverse Engineering

IoT device Firmware Reverse Engineering is a process to understand the device architecture, functionality and vulnerabilities present in the device incorporating different methods. Firmware is a piece of code written for specific hardware to perform different operations and control the device. In this blog, we will learn how to access the file system of a TP-Link Router TL-WR841N.[…]