Presented at
33C3 (2016),
Dec. 28, 2016, 1 p.m.
(30 minutes).
Engaging universally available deep debug functionality of modern
Intel cores, with zero software or hardware modifications
required on the target side.
Our research team at Positive Technologies has discovered a way
to engage the advanced debug machinery on modern Intel cores.
This advanced machinery can be employed to exercise deep control
of the running system across all execution modes using merely a
USB port connection, with zero software or hardware modifications
required on the target side.
It goes without saying that such functionality carries profound
security implications.
Presenters:
-
Maxim Goryachy
-
Mark Ermolov
I'am a system programmer that is intrested in security aspects of hardware, firmware, and low-level system sofware (bare-metal hypervisors, OSes cores, device drivers). I'am working in company Positive Technologies in Moscow at mentioned position.
I've had talks at russian security conferences PHDays and ZeroNigths. One of the my previouse researches was about internal structure of Microsoft PathGuard and ways to compromise it. Another my most recent reserach was about how to disable Intel Management Engine. My professional intrestings also include virtualization technologies, low level GPU programming, reverse engineering of firmwares and device drivers. With Maxim Goryachy I have prepared to talk about Intel DCI - most recent and intriguing technology to organize low cost hardware JTAG debuging of latest Intel processors.
Links: