Presented at
DEF CON 22 (2014),
Aug. 10, 2014, 2 p.m.
(60 minutes)
Hardware hacks tend to focus on low-speed (jtag, uart) and external (network, usb) interfaces, and PCI Express is typically neither. After a crash course in PCIe Architecture, we'll demonstrate a handful of hacks showing how pull PCIe outside of your system case and add PCIe slots to systems without them, including embedded platforms. We'll top it off with a demonstration of SLOTSCREAMER, an inexpensive device we've configured to access memory and IO, cross-platform and transparent to the OS - all by design with no 0-day needed. The open hardware and software framework that we will release will expand your NSA Playset with the ability to tinker with DMA attacks to read memory, bypass software and hardware security measures, and directly attack other hardware devices in the system. Anyone who has installed a graphics card has all the hardware experience necessary to enjoy this talk and start playing NSA at home!
Presenters:
-
Miles Crabill
- Security Researcher
Miles Crabill is a rising junior at Lewis & Clark College in Portland, OR. He is interested in computer security education and is a contributor to EDURange, an NSF funded framework for deploying computer security scenarios.
-
Joe FitzPatrick / @securelyfitz
- Hardware Security Resources, LLC
as Joe FitzPatrick
Joe is an Instructor, Consultant, and Researcher at SecuringHardware.com. Joe specializes in low-cost attacks, hardware tools, and hardware design for security. Previously, he spent 8 years doing test/debug and hardware pen-testing of desktop and server microprocessors, as well as conducting security validation training for hardware validators worldwide. In addition to side projects on PCIe, RTL security validation, and simple sidechannel attacks, Joe currently teaches "Secure Hardware Development for Integrated Circuits" and Co-teaches "Software Exploitation via Hardware Exploits" alongside Stephen Ridley. Twitter: @securelyfitz
Links:
Similar Presentations: