Exploiting checkm8 with unknown SecureROM for the T2 chip

12:20
45 min
Main Stage

The checkm8 exploit appeared a long time ago, and plenty of material about it is publicly available. One question remains, however: how was the SecureROM of a given device obtained in the first place, so that the exploit's offsets could be adapted to it? Earlier, Alex demonstrated a method of initial firmware dumping for the S5L8747X (Haywire) and S7002 (Apple Watch) chips. In this talk, he will show a much more complex method that works on devices with WXN, using the T2 as an example.

Speakers
Alex Kovrizhnykh

Information security expert specializing in reverse engineering
