Show filters Hide filters

Refine your search

Publication Year
1-1 out of 1 results
Change view
  • Sort by:
1:07:51 REcon English 2015

Breaking Bad BIOS: Attacking and Defending BIOS in 2015

In this presentation we will demonstrate multiple types of recently discovered BIOS vulnerabilities. We will detail how hardware configuration is restored upon resume from sleep and how BIOS can be attacked when waking up from sleep using "S3 resume boot script" vulnerabilities. Similarly, we will discuss the impact of insufficient protection of persistent configuration data in non-volatile storage and more. We'll also describe how to extract contents of SMRAM using above vulnerabilities and advanced methods such as Graphics aperture DMA to further perform analysis of the SMM code that would otherwise be protected. Additionally, we will detail "SMI input pointer" and other new types of vulnerabilities specific to SMI handlers. Finally, we will describe how each class of issues is mitigated as a whole and introduce new modules to CHIPSEC framework to test systems for these types of issues.
  • Published: 2015
  • Publisher: REcon
  • Language: English
out of 1 pages
Loading...
Feedback

Timings

   35 ms - page object
   22 ms - search
    1 ms - highlighting
    1 ms - highlighting/32810

Version

AV-Portal 3.8.0 (dec2fe8b0ce2e718d55d6f23ab68f0b2424a1f3f)