Olivia
Online
CHIPSEC
@CHIPSEC
Open Source Platform Security Assessment Framework
Joined April 2014
18 Following
2.4K Followers
513 Posts
Want to make your own persistent rootkit?
Just sign your native windows binary with one of Hacking Team's revoked code signing certificates and you are all set!
https://t.co/exqAYnxR4S
Certificate: https://t.co/h3rVU7hRt7
Added new module to dump and parse the Windows SMM Mitigations Table.
Who to follow
Xeno Kovah
@XenoKovah
Interested in reverse engineering, firmware, bluetooth, trusted computing, and training. Founder of OpenSecurityTraining2 https://t.co/slK2fsMRwU
REcon 
@reconmtl
REcon: Annual reverse engineering and security conference held in Montreal.
Alex Matrosov
@matrosov
Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
@CHIPSEC now exposes the common.smm_code_chk module that verifies MSR_SMM_FEATURE_CONTROL is configured properly to mitigate SMM callout vulnerabilities.
Now, cross your fingers and pass this address as an additional argument to the CHIPSEC command. If all goes well, CHIPSEC should now be able to scan the boot script for any potential call-out vulnerabilities.
Disclaimer: I only tried this on my own computer. Use at your own risk!
Great point. Can also think of improving s3bootscript module to dump NVRAM directly (rather than read from runtime) and look up the AcpiGlobalVariable in NVRAM
If you ever encountered a machine where @CHIPSEC fails to obtain and parse the S3 boot script, chances are the 'AcpiGlobalVariable' (which should contain the pointer to the boot script) simply doesn't have the 'Runtime' attribute, and therefore it can't be enumerated from the OS.
TrickBot Now Offers ‘TrickBoot' @VK_Intel @IntelAdvanced and @Eclypsium have discovered a new module in the TrickBot toolset aimed at detecting UEFI / BIOS firmware vulnerabilities, enabling #malware to persist, brick, and profit. #TrickBoot
https://t.co/rIBlotTwzN
@CHIPSEC 1.5.6 has been released! Check it out: https://t.co/GqWBKWhz3K
Use @CHIPSEC to play with UEFI variables. Lots of cool stuff there.
OS sees a lot fewer variables that there is stored in NVRAM
The first part of @liba2k and mine research on UEFI just went online. This time it's merely a refresher on how to dump SPI flash memory, but the next posts in the series will be more innovative and discuss techniques to reverse, debug and fuzz UEFI drivers
https://t.co/NlUu4R2lhm
Eclypsium researchers discovered #BootHoleVulnerability in the GRUB2 bootloader that can be used to gain arbitrary code execution on majority of Linux and Windows based systems, even when they are not using GRUB and Secure Boot is enabled. https://t.co/9jc26InmfA
Last Seen Users on Sotwe
Clubboy_X
Seen from Argentina
trai văn phòng cà mau
Seen from Vietnam
Xhdjdj Djdkdkdl
Seen from Thailand
JK69🔞
Seen from United States
PECANDU MANTAN
Seen from Indonesia
MasterBrutal 🔥🔥🔥
Seen from Singapore
Solo
Seen from Indonesia
🎀 Sofia 🎀
Seen from United States
tu_lecheroxxx27
Seen from Peru
ToiletPOV.com
Seen from Singapore
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers