Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore Intel's proprietary Houdini binary translator, used in Android on x86 platforms, in this 36-minute conference talk from Ekoparty 2021's Hardware Hacking Space. Delve into the high-level workings and loading process of Houdini, followed by an in-depth examination of its low-level internals and memory model. Discover security weaknesses introduced by Houdini and learn methods to escape its environment, execute arbitrary ARM and x86 code, and create Houdini-targeted malware that evades existing platform analysis. Gain insights from security consultant Brian Hong's expertise in hardware penetration testing, reverse engineering, and embedded systems security.
Syllabus
Introduction
Android
Background on Android
Houdini
Houdini Uses
How Houdini Works
Houdini Explanation
Houdini Shared Object
Android Native Bridge
Android x86 Project
Java Native Interface
Native Bridge RuntimeCallbacks
Initialize Load Library
Native Code
Native Bridge
Memory
Memory Map
Execution Loop
Decompile
Processor State
Syscalls
Detection
Escape to x86
Rwx pages
Sidechannel code execution
Detection and analysis
Malware behavior
Recommendations
Static Analysis
Conclusion
Disclosure Timeline
Special Thanks
Taught by
Ekoparty Security Conference
Related Courses
Dal Reverse engineering alla stampa 3DUniversity of Naples Federico II via Federica Rapid Manufacturing
Indian Institute of Technology Kanpur via Swayam Generative Design for Industrial Applications
Autodesk via Coursera Fundamentos de Ciberseguridad: un enfoque práctico
Inter-American Development Bank via edX Functional And Conceptual Design
Indian Institute of Technology Madras via Swayam