Abusing ACPI Control Methods

Presented at ShmooCon X (2014), Unknown date/time (Unknown duration).

The Advanced Power Control Interface (ACPI) is an integral part of modern PCs, used for managing a broad spectrum of diverse peripherals during the normal operation of the system. The system's BIOS provides code for carrying out ACPI-related functions in the form of ACPI Machine Language (AML) code that is executed in a lightweight virtual machine provided by the operating system. This VM can read and write memory, as well as issue I/O to peripherals. This talk will explore ways of abusing AML code, as executed by the operating system, to carry out various tasks, from kernel exploitation to damaging hardware.


Presenters:

  • Assambly
    Assambly is a security enthusiast with a wide range of interests in low level subjects.

Similar Presentations: