Dreamboot - A UEFI Bootkit

Hack In The Box Security Conference via YouTube

Overview

Explore the security implications of UEFI firmware and learn how to implement a bootkit for Windows 8 x64 in this 57-minute conference talk from Hack In The Box Security Conference. Dive into the architecture of UEFI from a security perspective, focusing on the Dreamboot bootkit implementation. Discover how Dreamboot exploits UEFI firmware for privilege escalation and Windows local authentication bypass. Gain insights into UEFI development using Tianocore SDK and understand the new security risks associated with its deployment. Follow the evolution of the Windows boot process from BIOS to UEFI implementation, and examine detailed bootkit implementation techniques. Learn about reverse engineering, cryptanalysis, and low-level code analysis on Microsoft platforms from senior security researcher Sebastien Kaczmarek.

Syllabus

Intro
Boot process - BIOS mode
What's inside?
Architecture
UEFI vs BIOS API
UEFI development
Protocols and objects
Protocols - guid
Protocols - locate windows bootloader
What about security?
Boot process - UEFI mode
Bootloader debugging
Dreamboot?
Global process
In practice
NX bit (No Execute)
Kernel hooking
Patching and Write Protect flag
Bypass local authentication
Privilege escalation
Conclusion

Taught by

Hack In The Box Security Conference
