REcon Brussels 2018 slides uploaded

Starcraft: Emulating a buffer overflow for fun and profit – Elias Bachaalany
Subverting your server through its BMC: the HPE iLO4 case – Alexandre Gazet, Joffrey Czarny, Fabien Perigaud
Breaking state-of-the-art binary code obfuscation – Tim Blazytko, Moritz Contag
Decompiler internals: microcode – Ilfak Guilfanov
Mess with the best, die like the rest (mode) – Volodymyr Pikhur
Hacking Toshiba Laptops – Michał Kowalczyk, Serge Bazanski
Dissecting QNX – Ali Abbasi, Jos Wetzels
Robin Hood vs Cisco ASA AnyConnect – Cedric Halbronn
Linux Vulnerabilities, Windows Exploits: Escalating Privileges with WSL – Saar Amar
DIY ARM Debugger for Wi-Fi Chips – Matthias Schulz
Reversing IoT: Xiaomi ecosystem – Dennis Giese, Daniel Wegemer
Visiting The Snake Nest – Matthieu Faou, Jean-Ian Boutin
Reverse Engineering Windows Defender’s JavaScript Engine – Alexei Bulazel

Slides for coreboot/UEFI talk from REcon available


Slides: REConBrussels2017_BARing_the_system.pdf

Yuriy and Oleksandr at REcon

Baring the system: New vulnerabilities in SMM of Coreboot and UEFI based systems
By: Yuriy Bulygin, Oleksandr Bazhaniuk

Previously, we discovered a number of vulnerabilities in UEFI-based firmware, including software vulnerabilities in SMI handlers that could lead to SMM code execution, attacks on hypervisors like Xen and Hyper-V, and bypassing modern security protections in Windows 10 such as Virtual Secure Mode with Credential and Device Guard. These issues led to changes in the way the OS communicates with SMM on UEFI-based systems and to the new Windows SMM Security Mitigations ACPI Table (WSMT). This research describes an entirely new class of vulnerabilities affecting SMI handlers on systems with Coreboot and UEFI-based firmware. These issues are caused by incorrect trust assumptions between the firmware and underlying hardware, which makes them applicable to any type of system firmware. We will describe the impact and various mitigation techniques. We will also release a module for the open source CHIPSEC framework to automatically detect this type of issue on a running system.



Yuriy to speak at REcon Brussels