YoVDO

Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Reverse Engineering Courses Malware Analysis Courses x86 Architecture Courses ARM Architecture Courses Hardware Hacking Courses

Course Description

Overview

Explore Intel's proprietary Houdini binary translator, used in Android on x86 platforms, in this 36-minute conference talk from Ekoparty 2021's Hardware Hacking Space. Delve into the high-level workings and loading process of Houdini, followed by an in-depth examination of its low-level internals and memory model. Discover security weaknesses introduced by Houdini and learn methods to escape its environment, execute arbitrary ARM and x86 code, and create Houdini-targeted malware that evades existing platform analysis. Gain insights from security consultant Brian Hong's expertise in hardware penetration testing, reverse engineering, and embedded systems security.

Syllabus

Introduction
Android
Background on Android
Houdini
Houdini Uses
How Houdini Works
Houdini Explanation
Houdini Shared Object
Android Native Bridge
Android x86 Project
Java Native Interface
Native Bridge RuntimeCallbacks
Initialize Load Library
Native Code
Native Bridge
Memory
Memory Map
Execution Loop
Decompile
Processor State
Syscalls
Detection
Escape to x86
Rwx pages
Sidechannel code execution
Detection and analysis
Malware behavior
Recommendations
Static Analysis
Conclusion
Disclosure Timeline
Special Thanks


Taught by

Ekoparty Security Conference

Related Courses

Hacking the Game & Watch
stacksmashing via YouTube Arduino Radar Gun Speed Reader - Easy How-To Guide
Kevin Darrah via YouTube Jailbreaking the AppleTV3 - Tales From A Full Stack Hack
nullcon via YouTube So Many Pentesting Tools from a 4 Arduino
YouTube The Art of Bit Banging - Gaining Full Control of Nearly Any Bus Protocol
YouTube