Overview
Explore a detailed security conference talk from DEF CON 31 that reveals the journey of discovering RingHopper, a method for escalating privileges from user-land to System Management Mode (SMM). Learn about industry-wide vulnerabilities found in UEFI implementations across eight major vendors that affected billions of devices. Dive deep into SMM exploitation techniques, understanding both successful and unsuccessful approaches to gaining code execution through edk2 functionalities. Discover various privilege escalation methods on Windows and Linux systems through vulnerability chaining, culminating in a demonstration of RingHopper's capability to transition from user-space to SMM. Follow along with this 40-minute technical presentation, which covers the researchers' methodology, challenges, and ultimate success in identifying and responsibly disclosing these critical security findings.
Syllabus
DEF CON 31 - Ringhopper - How We Almost Zero day’d the World - Benny Zeltser, Jonathan Lusky
Taught by
DEFCONConference