Loading…
44CON LONDON 2015 has ended
Back To Schedule
Thursday, September 10 • 19:35 - 20:29
Jtagsploitation: 5 wires, 5 ways to root

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
JTAG comes up in nearly every hardware-related hack. In order to do anything via JTAG, you generally need a hardware debugging device that connects to anything from a standard header to undocumented test points scattered around a device. JTAG access is almost always 'game over' but it's not always clear how to turn that hardware access into privileged software access on the system.
This talk will enumerate a number of different ways to turn a 'check' for jtag access into the 'checkmate' of root shell access. Each example will demonstrate a unique method for getting root access via JTAG. Each method is also general enough to be broadly applicable across different hardware architectures and implementations. Example code and scripts will be released at the talk.
Speakers
avatar for Joe FitzPatrick

Joe FitzPatrick

Joe FitzPatrick (@securelyfitz) has spent a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He develops and delivers hardware security training at https://SecuringHardware.com, including Applied Physical Attacks on x86 Systems. In between, he keeps busy with contributions to the NSA Playset and other misdirected hardware projects, which he presents at all sorts of fun conferences... Read More →
MK

Matt King

Matt is a hardware security resarcher at a large semiconductor company.

Thursday September 10, 2015 19:35 - 20:29 BST
Track 2
  Track 2 Talk

Attendees (0)