Mickey Shkatov & Jesse Michael - One Bootloader to Load Them All

    Mickey Shkatov, Hacker, (He/Him)
    Jesse Michael, Hacker, (He/Him)

    Presentation Title: One Bootloader to Load Them All
    Length of presentation: 45 minutes
    Demo, Tool, Exploit

    Introduced in 2012, Secure Boot - the OG trust in boot - has become a foundational rock in modern computing and is used by millions of UEFI-enabled computers around the world due to its integration in their BIOS.

    The way Secure Boot works is simple and effective: by using tightly controlled code signing certificates, OEMs like Microsoft, Lenovo, Dell and others secure their boot process, blocking unsigned code from running during boot.

    But this model puts its trust in developers developing code without vulnerabilities or backdoors; in this presentation we will discuss past and current flaws in valid bootloaders, including some which misuse built-in features to inadvertently bypass Secure Boot. We will also discuss how in some cases malicious executables can hide from TPM measurements used by BitLocker and remote attestation mechanisms.

    Come join us as we dive deeper and explain how it all works, describe the vulnerabilities we found, and walk you through how to use the new exploits and custom tools we created to allow for a consistent bypass for Secure Boot effective against every x86-64 UEFI platform.

    Jesse Michael - Jesse is an experienced security researcher focused on vulnerability detection and mitigation who has worked at all layers of modern computing environments from exploiting worldwide corporate network infrastructure down to hunting vulnerabilities inside processors at the hardware design level. His primary areas of expertise include reverse engineering embedded firmware and exploit development. He has also presented research at DEF CON, Black Hat, PacSec, Hackito Ergo Sum, Ekoparty, and BSides Portland.
    Twitter: @JesseMichael

    Mickey Shkatov - Mickey has been doing security research for almost a decade; one of his specialties is simplifying complex concepts and finding security flaws in unlikely places. He has seen some crazy things and lived to tell about them at security conferences all over the world; his past talks range from web pentesting to black badges and from hacking cars to BIOS firmware.
    Twitter: @HackingThings

    We will reference our previous talks about BIOS exploitation and remote attack surface for firmware, as well as other talks and research, with all references noted in the slides for each. As always, all credit will be given, and the references are intended to let attendees explore the topics themselves later on.

    Last edited by number6; June 18, 2022, 12:10.