Applied Physical Attacks on Embedded and IoT Systems
Duration: two days
- Tue 13th / Wed 14th : $1500: 0 space [ SOLD OUT ]
- Tue 13th / Wed 14th : Free: 6 spaces [ CLOSED ]
Abstract
This course introduces and explores attacks on several relatively accessible interfaces on embedded systems. Attendees will get hands-on experience implementing and deploying a number of low-cost hardware devices to enable access, privilege, and deception that is, in some cases, imperceptible from software.
The course has several modules. Each begins with an architectural overview of an interface, followed by a series of labs for hands-on practice understanding, observing, interacting with, and exploiting the interface, finishing with either potentially exploitable crashes or direct root shells.
Course Outline
Part 1: UART
Background: UART History, Architecture, and Uses
UART Lab 1: Connecting to a known UART
UART Lab 2: Identifying and analyzing an unknown UART
UART Lab 3: Escalating and persisting UART privilege
Part 2: JTAG
Background: JTAG History and Purpose
JTAG Lab 1: Hardware and Software Setup
JTAG Lab 2: Escalating Privilege via Kernel
JTAG Lab 3: Escalating Privilege via a Process
Part 3: SPI
Background: Flash storage and the SPI interface
SPI Lab 1: Accessing Flash from software
SPI Lab 2: Sniffing and Parsing SPI
SPI Lab 3: Dumping SPI from Hardware
SPI Lab 4: Firmware Analysis
Part 4: Firmware
Background: More types of Flash, Storage, and Firmware
Firmware Lab 1: Dumping Firmware from Software
Firmware Lab 2: Manipulating firmware images
Firmware Lab 3: Finding software bugs in firmware
Prerequisites
No hardware or electrical background is required. Computer architecture knowledge and low-level programming experience are helpful but not required. Familiarity with a Linux command line and a console text editor is strongly recommended.