YoVDO

I Boot when U-Boot

Offered By: nullcon via YouTube

Tags

nullcon Courses IoT security Courses Supply Chain Attacks Courses Secure Boot Courses Firmware Security Courses U-Boot Courses

Course Description

Overview

Explore the inner workings of a custom-developed bootkit for U-Boot based embedded devices in this 33-minute conference talk from Nullcon Goa 2018. Discover how the bootkit achieves persistence at a level lower than firmware, surviving updates and factory resets. Learn about its killswitch functionality, multi-boot technique for switching between regular and backdoored images, and methods to thwart detection. Delve into topics such as dumping flash memory, utilizing toolchains, exploiting U-Boot variables, and backdooring functions. Examine the process of planting the bootkit, ensuring persistence, and potential detection methods. Discuss secure boot, supply chain attacks, and trusted computing concepts. Gain insights into firmware security resources and understand the implications of this advanced IoT cybersecurity threat.

Syllabus

Introduction
Goal
Bootkit: Advantages
Bootkit: Disadvantages
Preparing the Device
Dumping the flash
The toolchain
U-Boot variables
Interesting features
Backdooring functions printeny
U-Boot password protection
Hiding from 'strings
Demo
Planting the bootkit
Persistence
Detecting Bootkits
Secure Boot
Bypassing Secureboot
Supply Chain attacks
(Not-so) Trusted Computing
Firmware Security Resources
Conclusion


Taught by

nullcon

Related Courses

The Internet of Insecure Things - 10 Most Wanted List
YouTube
Attacking IOBluetoothFamily HCI and Vendor-Specific Commands
Black Hat via YouTube
Breaking Through Another Side - Bypassing Firmware Security Boundaries from Embedded Controller
Black Hat via YouTube
Securing Your In-Ear Fitness Coach - Challenges in Hardening Next Generation Wearables
Black Hat via YouTube
My Threat Model is Your Threat Model
RSA Conference via YouTube