Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Ekoparty Security Conference via YouTube
Overview
This course focuses on vulnerability research on the Titan M chip introduced by Google in Pixel 3 devices. The learning outcomes include understanding how to perform vulnerability research on a constrained target, comparing results from static analysis, fuzzing, and dynamic symbolic execution, and exploiting a specific vulnerability (CVE-2022-20233) to achieve code execution and leak secrets from the secure chip. The course teaches skills such as static analysis, fuzzing, dynamic symbolic execution, and exploit development. The teaching method involves a talk sharing research findings and practical demonstrations. The intended audience includes security researchers, system security professionals, and individuals interested in mobile platform security and automated vulnerability research.
Syllabus
Damiano Melotti - Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip
Taught by
Ekoparty Security Conference