Analyzing UEFI BIOSes from Attacker & Defender Viewpoints

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Reverse Engineering Courses, ACPI Courses

Course Description

Overview

Explore the intricacies of UEFI BIOS analysis from both offensive and defensive perspectives in this comprehensive Black Hat conference talk. Delve into the challenges of detecting malicious changes in BIOS and the limitations of current comparison methods. Gain insights into essential topics such as port IO, memory-mapped IO, PCI, SMM, and UEFI, crucial for effective modern BIOS analysis. Examine how UEFI's transparency impacts both attackers and defenders in firmware analysis. Learn about UEFI boot phases, firmware storage, security responsibilities, and key management. Discover the potential for firmware-level malware and the importance of developing expertise in this often overlooked area of cybersecurity.

Syllabus

Introduction 2
BIOS is dead, long live UEFI!
About UEFI
UEFI Differences: Boot Phases
Legacy BIOS Firmware Storage
Firmware Files
Yay Standardization!
Security (SEC) Phase
SEC Responsibilities 1 of 2
Quick ACPI Note: Sleep Modes
SEC Responsibilities 2 of 2
SEC Hand-off to PEI Entry Point
Components of PEI
UEFI Non-Volatile Variables
EFI Variable Attributes Combinations
Authenticate how Keys and Key Stores
UEFI Variables (Keys and Key Stores) 2
Boot Device Selection (BDS)
Transient System Load (TSL)


Taught by

Black Hat

Related Courses

Defending, Detecting, and Responding to Hardware and Firmware Attacks - Teddy Reed - USENIX Enigma Conference - 2016
USENIX Enigma Conference via YouTube
Getting Physical with USB Type-C - Windows 10 RAM Forensics and UEFI Attacks
Recon Conference via YouTube
AP Power Sequence Subsystem in Zephyr
Linux Foundation via YouTube
Intel Trusted Domain Extensions (TDX) Host Kernel Support
Linux Foundation via YouTube
Cameras, Devicetree and ACPI: A Device Driver Perspective
Linux Foundation via YouTube