Reversing SR-IOV For Fun and Profit

Presented at ShmooCon XV (2019), Jan. 20, 2019, 11 a.m. (60 minutes)

We are surrounded with PCIe devices everywhere. They are in charge of interconnecting extremely important and exciting functionalities inside and outside our systems.

Have you ever been wondering how to explore and reverse engineer those devices and their functionalities? SR-IOV (Single-Root I/O Virtualization) is a peripheral component interconnect (PCI) standard for sharing PCIe devices within a single computer.

In this talk I will provide thorough background of PCIe devices and the standard. Afterwards, I will share my research experience and explain how SR-IOV PCIe devices can be reverse engineered, what information we can get, how to find vulnerabilities in PCIe devices, and what we can learn from those findings.

Presenters:

• Adir Abraham
  Adir Abraham (@adirab) is a reverse engineer and a vulnerability researcher at Intel, with more than 15 years of experience as a cybersecurity researcher and exploit developer. He likes to learn new and cutting-edge technologies, break them, and explore anything from low-level SW to HW vulnerabilities and build exploitation scenarios accordingly. Recently, he also took part in the CTF organizers team of BSidesTLV. He holds a BSc degree in CS education and a BA degree in Economics–both from the Technion. He is also CISSP, CCSK, and CySA+ certified.

Links:

• https://infocon.org/cons/ShmooCon/ShmooCon 2019/Reversing SR-IOV For Fun and Profit.mp4

Similar Presentations:

• Black Hat USA 2021 / PCIe Device Attacks: Beyond DMA. Exploiting PCIe Switches, Messages and Errors
• DEF CON 22 (2014) / NSA Playset: PCIe
• 33C3 (2016) / Building a high throughput low-latency PCIe based SDR: Lessons learnt implementing PCIe on FPGA for XTRX Software Defined Radio