Low Level BootROM Protocol Fuzzing Secure Memory Regions
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore low-level BootROM protocol fuzzing and secure memory region vulnerabilities in this 44-minute conference talk from Hack In The Box Security Conference. Dive into the world of secure microcontrollers, their BootROM functions, and the challenges of identifying vulnerabilities in these heavily hardened systems. Learn about a custom fuzzing framework developed for low-level protocols like SPI, I2C, USB, and UART, and discover how it uncovered memory corruption vulnerabilities in BootROM USB device driver stacks. Gain insights into the importance of fuzzing techniques for embedded systems security, the disclosure process for identified vulnerabilities, and potential applications of this approach to other secure elements and devices.
Syllabus
Intro
Microcontroller BootROM Functions
BootROM Security Functions What different vendor provide
Microcontroller Use cases
Microcontroller Peripherals API's
Less focus on Microcontroller Fuzzing?
Need for fuzzing low level Protocols in Mc
Fuzzing Reach
Vulnerabilities found on Modern Microcontrollers
USB 101 -Enumeration Steps
Fuzzing Setup
USB device stack Vulnerability - CVE details
Conclusion & Next Steps
Taught by
Hack In The Box Security Conference
Related Courses
Unleash The Raspberry Pi Through Physical ComputingSkillshare Using Servo Motors with ESP32
DroneBot Workshop via YouTube I2C - Build a I2C Sensor
DroneBot Workshop via YouTube OLED Displays with Arduino - I2C and SPI OLEDs
DroneBot Workshop via YouTube Drawing Schematic and Connecting Microcontroller + Accelerometer - EasyEDA
Robert Feranec via YouTube