On the Nose - Bypassing Huawei's Fingerprint Authentication by Exploiting the TrustZone

On the Nose - Bypassing Huawei's Fingerprint Authentication by Exploiting the TrustZone

via YouTube Direct link

Intro

1 of 17

1 of 17

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

On the Nose - Bypassing Huawei's Fingerprint Authentication by Exploiting the TrustZone

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 The Goal
  3. 3 The modern mobile security architecture
  4. 4 The exploit chain
  5. 5 Disclaimer - Chipset determines the TEE
  6. 6 Huawei's Trustzone system architecture
  7. 7 Userland to Kernel
  8. 8 Bug #2- A custom unmap implementation?
  9. 9 Exploitation - Redirecting the fops table
  10. 10 Kernel to Trustlet
  11. 11 Into to the Secure World - Passing args to a Trustlet
  12. 12 Exploitation - Hijacking TEE_Malloc
  13. 13 Trusted Core Environment
  14. 14 Trusted Core - Finding Primitives
  15. 15 Disable Fingerprint Auth • Find trustle responsible for recognizing Fingerprints
  16. 16 Follow the userland daemon
  17. 17 Finding and patching

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.