CanSecWest Vancouver 2020

Site menu:

Register | Conference | Dojo | Speakers | Agenda | Slides | Hotel & Travel | Contact

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

Practical Firmware Implants

Register for March 14-15, 2020 (2-day Course)

Instructor(s):
Jesse Michael, Mickey Shkatov

Description

In recent years as firmware based attacks are becoming more and more frequent, there is a growing need for understanding the motivation, capabilities and complexities of such attacks. How do they work? How hard is it to create an implant? What are the attackers considerations and thoughts when creating firmware implants?

This is a two day crash course in UEFI development for security practitioners in which we will spend most of our time working hands-on understanding how system firmware works, basic development and coding, firmware implantation strategies, attack and defense tactics and more.

Hands on labs will help you learn about and better understand

• Hardware and UEFI boot process
• The UEFI EDK build environment
• How to build your own UEFI BIOS and test it
• EFI Shell application development
• DXE Driver development
• Debugging and troubleshooting your code
• Understand UEFI Implant benefits and caveats
• Build your own UEFI implant
• How to perform an Evil-Maid attack on common UEFI BIOS based systems

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Course Outline

Day 1:
• Background and overview of UEFI and Boot process
• Hands-On: Development and debug environment
• Driver and Application development
• Hands-On: Hello world exercise
• Firmware image structure and tools
• Hands-On : Integrating your driver into the firmware image
Day 2:
• Firmware implant and payloads , background and techniques
• Hands-On: building custom implant and payload of your choice
• Flash chip basics, System Firmware reading and writing and tool selection.
• Hands-On: Evil Maid - implanting a system firmware image and flashing it
• Overview and summary

When you finish this class:

• You will have a foundation to build on when it comes to UEFI and BIOS
• You will know and understand how to build a firmware implant and the challenges involved
• You will have a foundation of how to search and detect firmware implants

Who Should Take This Course:

This course is designed for those who have a basic understanding of C/C++ and who would like to start exploring the world of UEFI and BIOS security.

Pre-requisites:

• An Intel based laptop with 6th Gen CPU and later, Minimum 8GB of RAM, 50GB of free storage space, and Unused USB Type A port
• Oracle VirtualBox 6.0 and later
• Optional: Be able to boot from USB 3.1 Type A storage device
• Basic programming experience
• Basic understand of Hardware hacking techniques such as SPI chip flashing and UART

Sponsors:

More Information:

Sponsorship Information |

Wise words:

"Sen Sen No Waza - to strike the opponent after he has formed the intention to attack and has committed to a specific motion."

Copyright © dragostech.com inc. All Rights Reserved.