This course explores vulnerabilities in System Management Mode (SMM) and UEFI firmware components, focusing on the evolution of firmware mitigations in SMM/DXE on x86-based CPUs. It discusses new attacks on Intel Platform Properties Assessment Module (PPAM) and Intel SMI Transfer Monitor (STM), providing insights from an offensive security research perspective. The course is designed for security researchers, firmware security professionals, and individuals interested in advanced malware analysis and exploitation techniques. The teaching method involves a presentation by Alex Matrosov, a seasoned expert in reverse engineering and firmware security.
Breaking Firmware Trust From Pre-EFI - Exploiting Early Boot Phases
Ekoparty Security Conference via YouTube
Overview
Syllabus
Alex Matrosov - Breaking Firmware Trust From Pre-EFI: Exploiting Early Boot Phases - Ekoparty 2022
Taught by
Ekoparty Security Conference