YoVDO

Elevating the TrustZone to Achieve a Powerful Android Kernel Exploit

Offered By: nullcon via YouTube

Tags

nullcon Courses Mobile Security Courses Trustzone Courses

Course Description

Overview

Explore an innovative approach to Android kernel exploitation in this 44-minute conference talk from Nullcon Goa 2022. Discover how leveraging the TrustZone, a higher privileged component, can overcome existing security mitigations and create a 100% reliable exploit. Learn about CVE-2021-1961, a vulnerability found in the Android kernel, and the unique exploitation method used. Delve into the communication protocol between the kernel and Qualcomm TrustZone (QSEE), identifying its weaknesses. Gain insights on why this technique bypasses current and potentially future mitigations, and how to begin your own research in this area. Understand the challenges of kernel exploitation in mobile security and how this method addresses issues of reliability and adaptability across different devices and versions.

Syllabus

Elevating The TrustZone To Achieve A Powerful Android Kernel Exploit | Tamir Zahavi Nullcon Goa 2022


Taught by

nullcon

Related Courses

0Day Up Your Sleeve - Attacking macOS Environments
nullcon via YouTube
A Broken Commercial Metaverse-Based Virtual Office Platform
nullcon via YouTube
A Call To Arms - Desi Jugaad
nullcon via YouTube
A Hacker Walks Into A Co-Working Space
nullcon via YouTube
A Kernel Hacker Meets Fuchsia OS
nullcon via YouTube