This course focuses on vulnerability research on the Titan M chip introduced by Google in Pixel 3 devices. The learning outcomes include understanding how to perform vulnerability research on a constrained target, comparing results from static analysis, fuzzing, and dynamic symbolic execution, and exploiting a specific vulnerability (CVE-2022-20233) to achieve code execution and leak secrets from the secure chip. The course teaches skills such as static analysis, fuzzing, dynamic symbolic execution, and exploit development. The teaching method involves a talk sharing research findings and practical demonstrations. The intended audience includes security researchers, system security professionals, and individuals interested in mobile platform security and automated vulnerability research.
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Ekoparty Security Conference via YouTube
Overview
Syllabus
Damiano Melotti - Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip
Taught by
Ekoparty Security Conference
Related Courses
-
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
-
A Titan M Odyssey
-
Software Security Analysis - Present and Future Research Initiatives
-
Contemporary Automatic Program Analysis
-
Hey, Your Parcel Looks Bad - Fuzzing and Exploiting Parcelization Vulnerabilities in Android
-
Finding New Bluetooth Low Energy Exploits via Reverse Engineering Multiple Vendors' Firmwares
