启动漏洞:搜寻 Windows 安全启动的远程攻击面.pdf

编号:981910 PDF 86页 13.13MB 下载积分:VIP专享
下载报告请您先登录!

1、#BHUSA BlackHatEventsBooting into BreachesHunting Windows SecureBootsRemote Attack SurfacesAzure Yang CyberKunlun#BHUSA BlackHatEventsAbout meAzure Yang 4zure9Security Researcher Cyber Kunlun|MSRC MVR(20222025)Started journey into Windows security from late 2021 Discovered 79 public CVEs in Windows

2、security,specializing in bootloaders,remote vulnerabilities.Ranked#5 on MSRCs 2024/2025 annual Windows Leaderboard and#2 in 2023Q4 for SecureBoot research.Retired CTF player,DEF CON CTF Black Badge owner.Blending offensive expertise into defensive evolution.#BHUSA BlackHatEventsAgenda Background Att

3、ack surface in bootloader Network protocol BCD Registry Security Policy Filesystem Logic flaw How to fuzz Attack surface beyond bootloader Future Work&Take Aways#BHUSA BlackHatEventsWhy Explore SecureBoot?Exploring unknown area is attractive for researcher The foundation of computer security starts

4、with SecureBoot process SecureBoot vulnerabilities in Windows is rare in past decade.#BHUSA BlackHatEventsSecureBoot The bigger picture Mobile Hardware lockout implementation PC UEFI Using digital signatures and certificates to establishing a chain of trust from hardware to OS#BHUSA BlackHatEventsMo

5、bile Secureboot#BHUSA BlackHatEventsSecureBoot Where is enforced#BHUSA BlackHatEventsWhat makes the SecureBoot breaches Despite fixed in code and the updates has already been shipped,all my 32 Secure Boot Vulnerabilities findings still exploitable by default PCA2011 gets expired in 2026 PCA2023 UEFI

6、 var DBX 32K limit Compatibility issue#BHUSA BlackHatEventsFixed in CVETitleIn wildScoreCVSS2016-Jul CVE-2016-3287Secure Boot Security Feature Bypass VulnerabilityFALSE6.2CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C2016-Aug CVE-2016-3320Secure Boot Security Feature Bypass Vulnerability

友情提示

1、下载报告失败解决办法
2、PDF文件下载后,可能会被浏览器默认打开,此种情况可以点击浏览器菜单,保存网页到桌面,就可以正常下载了。
3、本站不支持迅雷下载,请使用电脑自带的IE浏览器,或者360浏览器、谷歌浏览器下载即可。
4、本站报告下载后的文档和图纸-无水印,预览文档经过压缩,下载后原文更清晰。

本文(启动漏洞:搜寻 Windows 安全启动的远程攻击面.pdf)为本站 (竿头日上) 主动上传,三个皮匠报告文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知三个皮匠报告文库(点击联系客服),我们立即给予删除!

温馨提示:如果因为网速或其他原因下载失败请重新下载,重复下载不扣分。
客服
商务合作
小程序
服务号
折叠