Overview
This course covers IOMMU and DMA attacks, focusing on how Direct Memory Access can be exploited to unlock a user logon session. Learning outcomes include understanding how the IOMMU functions, how it is integrated into major operating systems, and the implications of DMA attacks carried out with external peripherals. The course also covers IOMMU bypassing on macOS and the security risks associated with DMA access. The material is delivered as a presentation by a former pentester, with a focus on real-world examples and research findings. It is intended for anyone interested in cybersecurity, system security, and the vulnerabilities associated with DMA technology.
Syllabus
Intro
Welcome
Presentation
Roadmap
Disclaimer
IOMMU
Peripheral Domains
Hypervisor
What is DMA
VBS
Linux IOMMU
Intel IOMMU
Apple IOMMU
Custom UEFI protocol
IO mapping class
IOMMU workflow
Password checking patch
Prerequisites
FPGA example
macOS
Network packets
MX
MX flag set
DMA access
Apple patch
Conclusion
DMA projects
Thunderbolt on Windows
First schematic
Questions
Taught by
NorthSec