I Boot when U-Boot
Offered By: nullcon via YouTube
Course Description
Overview
Explore the inner workings of a custom-developed bootkit for U-Boot based embedded devices in this 33-minute conference talk from Nullcon Goa 2018. Discover how the bootkit achieves persistence at a level lower than firmware, surviving updates and factory resets. Learn about its killswitch functionality, multi-boot technique for switching between regular and backdoored images, and methods to thwart detection. Delve into topics such as dumping flash memory, utilizing toolchains, exploiting U-Boot variables, and backdooring functions. Examine the process of planting the bootkit, ensuring persistence, and potential detection methods. Discuss secure boot, supply chain attacks, and trusted computing concepts. Gain insights into firmware security resources and understand the implications of this advanced IoT cybersecurity threat.
Syllabus
Introduction
Goal
Bootkit: Advantages
Bootkit: Disadvantages
Preparing the Device
Dumping the flash
The toolchain
U-Boot variables
Interesting features
Backdooring functions printeny
U-Boot password protection
Hiding from 'strings
Demo
Planting the bootkit
Persistence
Detecting Bootkits
Secure Boot
Bypassing Secureboot
Supply Chain attacks
(Not-so) Trusted Computing
Firmware Security Resources
Conclusion
Taught by
nullcon
Related Courses
Open Source Security – Vulnerabilities Never Come AloneHack In The Box Security Conference via YouTube Linux on RISC-V and the New OS-A Platform
Linux Foundation via YouTube UEFI Secure Boot in U-Boot
Linux Foundation via YouTube What's New with U-Boot?
Linux Foundation via YouTube A Pragmatic Guide to Boot-Time Optimization
Linux Foundation via YouTube