Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

IOMMU and DMA Attacks

NorthSec via YouTube

Overview

Explore the intricacies of Direct Memory Access (DMA) attacks and Input Output Memory Management Unit (IOMMU) in this 34-minute conference talk from NorthSec 2020. Delve into the security implications of DMA technology, which allows peripherals to access RAM without CPU involvement. Gain insights into IOMMU functioning and its integration within Windows, macOS, and Linux operating systems. Examine existing DMA attacks using external peripherals on active computers, with a focus on IOMMU bypassing techniques on macOS up to version 10.12.4. Learn how these attacks can provide access to valid logon sessions even when the computer is locked. Discover the speaker's background in penetration testing and reverse engineering, and get a glimpse into the French RAPID project, DMArvest. Follow the comprehensive roadmap covering topics such as peripheral domains, hypervisors, VBS, Intel IOMMU, Apple IOMMU, custom UEFI protocols, and practical examples using FPGA and Thunderbolt on Windows.

Syllabus

Intro
Welcome
Presentation
Roadmap
Disclaimer
IO MMU
Peripheral Domains
Hypervisor
What is DMA
VBS
Linux IOMMU
Intel IOMMU
Apple IOMMU
Custom UEFI protocol
IO mapping class
IOMU workflow
Password checking patch
Prerequisites
FPGA example
Mac OS
Network packets
MX
MX flag set
DMA access
Apple patch
Conclusion
DMA projects
Thunderbolt on Windows
First schematic
Questions

Taught by

NorthSec

Reviews

Start your review of IOMMU and DMA Attacks

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.