Sticky Fingers & KBC Custom Shop: Fun at low-level

Presented at REcon 2011, July 9, 2011, 11 a.m. (60 minutes).

Firmware and embedded software have already targets of choice in the past. In the same spirit, this talk will discuss about how an attacker can take advantages of a laptop's keyboard controller. The keyboard controller (KBC) or embedded controller (EC) is most often an unknown component of our laptop. It is an independent computation unit, alongside the main processor. Firmwares and embedded software have already targets of choice in the past (network cards, chipset, etc.). During this talk we will discuss the interaction of the EC with the rest of the system (bios code and operating system) and the potential benefit for an attacker to compromise such a component.

Presenters:

• Alexandre Gazet

Links:

• https://recon.cx/2011/schedule/events/102.en.html

Similar Presentations:

• REcon 2017 / Fun with Sam: Inside the Surface Aggregator Module
• ToorCon San Diego 20 (2018) / Infecting the Embedded Supply Chain
• Black Hat USA 2019 / Breaking Through Another Side: Bypassing Firmware Security Boundaries from Embedded Controller