Loading…
This event has ended. Create your own event → Check it out
This event has ended. Create your own
View analytic
Thursday, September 10 • 19:35 - 20:29
Jtagsploitation: 5 wires, 5 ways to root

Sign up or log in to save this to your schedule and see who's attending!

JTAG comes up in nearly every hardware-related hack. In order to do anything via JTAG, you generally need a hardware debugging device that connects to anything from a standard header to undocumented test points scattered around a device. JTAG access is almost always 'game over' but it's not always clear how to turn that hardware access into privileged software access on the system.
This talk will enumerate a number of different ways to turn a 'check' for jtag access into the 'checkmate' of root shell access. Each example will demonstrate a unique method for getting root access via JTAG. Each method is also general enough to be broadly applicable across different hardware architectures and implementations. Example code and scripts will be released at the talk.

Speakers
avatar for Joe FitzPatrick

Joe FitzPatrick

Joe FitzPatrick (@securelyfitz) has spent a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He develops and delivers hardware security training at https://SecuringHardware.com, including Applied Physical Attacks on x86 Systems. In between, he keeps busy with contributions to the NSA Playset and other misdirected hardware projects, which he presents at all sorts of... Read More →
MK

Matt King

Matt is a hardware security resarcher at a large semiconductor company.


Thursday September 10, 2015 19:35 - 20:29
Track 2

Attendees (14)