TPM GPIO fail: How bad OEM firmware ruins TPM security
2024-06-01 18:36
In this article I demonstrate a software-only attack that allows an operating system to set the PCRs of a discrete TPM device to arbitrary values and unseal any secret that uses a PCR-based sealing policy (such as the disk encryption keys used by unattended-unlock TPM FDE schemes).
It's not just BitLocker, all Linux TPM encryption is broken too
2024-02-15 23:08
We demonstrate a bypass of Linux TPM FDE using a "tweezer reset attack".
Techniques for parsing C declarators
2022-05-01 20:01
In this article I explain why parsing C declarators is rather difficult, and then describe a set of algorithms with different trade-offs for solving the problem.
CVE-2020-14372: Secure Boot bypass using GRUB2
2021-05-22 17:11
Bypassing (not so) Secure Boot with one "simple trick"
HackTheBox Traverxec
2020-04-16 15:39
How to own Traverxec on HackTheBox