First talks of ZeroNights 2021 main program
The submission deadline is getting closer. The program committee is ready to generously reward you for an exclusive 45-min Offensive Security talk.
We are happy to share the first news about the ZeroNights 2021 speakers. Here are some talks of the main program.
Exploiting checkm8 with unknown SecureROM for the T2 chip
The checkm8 exploit appeared a long time ago, and you can find a lot of materials about it in the public domain. However, one question remains: how was the SecureROM of a given device originally obtained so that the exploit's offsets could be adapted to it? Earlier, Alex demonstrated the method of initial firmware dumping for S5L8747X (Haywire) and S7002 (AppleWatch) chips. In this talk, he will show a much more complex method that will work on devices with WXN, using T2 as an example.
LPE in Ring -3 / Intel ME
This talk is about the exploitation of bugs in the ME system component through the IPC mechanism. To escalate our privileges, we have to get arbitrary access to the file system’s objects, bypass the integrity checks of the launched modules and metadata with access rights attributes, and launch a custom module to read/write to the host system’s memory.
ZN will take place in St. Petersburg, Sevkabel Port. Guests will have an opportunity to ask questions, talk to speakers during and after the talks, and participate in the activities and contests.
You can buy tickets for the event via the link.