Sleight of ARM- Demystifying Intel Houdini - Brian Hong - Ekoparty 2021- Hardware Hacking Space
Offered By: Ekoparty Security Conference via YouTube
Course Description
Overview
Explore Intel's proprietary Houdini binary translator, used in Android on x86 platforms, in this 36-minute conference talk from Ekoparty 2021's Hardware Hacking Space. Delve into the high-level workings and loading process of Houdini, followed by an in-depth examination of its low-level internals and memory model. Discover security weaknesses introduced by Houdini and learn methods to escape its environment, execute arbitrary ARM and x86 code, and create Houdini-targeted malware that evades existing platform analysis. Gain insights from security consultant Brian Hong's expertise in hardware penetration testing, reverse engineering, and embedded systems security.
Syllabus
Introduction
Android
Background on Android
Houdini
Houdini Uses
How Houdini Works
Houdini Explanation
Houdini Shared Object
Android Native Bridge
Android x86 Project
Java Native Interface
Native Bridge RuntimeCallbacks
Initialize Load Library
Native Code
Native Bridge
Memory
Memory Map
Execution Loop
Decompile
Processor State
Syscalls
Detection
Escape to x86
Rwx pages
Sidechannel code execution
Detection and analysis
Malware behavior
Recommendations
Static Analysis
Conclusion
Disclosure Timeline
Special Thanks
Taught by
Ekoparty Security Conference
Related Courses
Hacking the Game & Watchstacksmashing via YouTube Arduino Radar Gun Speed Reader - Easy How-To Guide
Kevin Darrah via YouTube Jailbreaking the AppleTV3 - Tales From A Full Stack Hack
nullcon via YouTube So Many Pentesting Tools from a 4 Arduino
YouTube The Art of Bit Banging - Gaining Full Control of Nearly Any Bus Protocol
YouTube