Low Level BootROM Protocol Fuzzing Secure Memory Regions
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore low-level BootROM protocol fuzzing and secure memory region vulnerabilities in this 44-minute conference talk from Hack In The Box Security Conference. Dive into the world of secure microcontrollers, their BootROM functions, and the challenges of identifying vulnerabilities in these heavily hardened systems. Learn about a custom fuzzing framework developed for low-level protocols like SPI, I2C, USB, and UART, and discover how it uncovered memory corruption vulnerabilities in BootROM USB device driver stacks. Gain insights into the importance of fuzzing techniques for embedded systems security, the disclosure process for identified vulnerabilities, and potential applications of this approach to other secure elements and devices.
Syllabus
Intro
Microcontroller BootROM Functions
BootROM Security Functions What different vendor provide
Microcontroller Use cases
Microcontroller Peripherals API's
Less focus on Microcontroller Fuzzing?
Need for fuzzing low level Protocols in Mc
Fuzzing Reach
Vulnerabilities found on Modern Microcontrollers
USB 101 -Enumeration Steps
Fuzzing Setup
USB device stack Vulnerability - CVE details
Conclusion & Next Steps
Taught by
Hack In The Box Security Conference
Related Courses
Comprendre les MicrocontroleursÉcole Polytechnique Fédérale de Lausanne via Coursera Electronic Interfaces: Bridging the Physical and Digital Worlds
University of California, Berkeley via edX Arduino y algunas aplicaciones
Universidad Nacional Autónoma de México via Coursera Embedded Systems Design
Indian Institute of Technology, Kharagpur via Swayam Enseignes et afficheurs à LED
École Polytechnique Fédérale de Lausanne via Coursera