Nika Korchok Wakulich

UEFI and the Task of the Translator: Using Cross-Architecture UEFI Quines as a Framework for UEFI Exploit Development

Abstract

Walter Benjamin’s 1923 essay “The Task of the Translator” is a foundational text in the field of translation theory, and its insights and commentary are evergreen as a framing device for approaching modern UEFI exploit development. This talk uses this essay as a jumping-off point and dives into variadic approaches to modern UEFI exploit development.

If you’ve been haunted by the specter of BlackLotus stealing the spotlight as the most popular girl at the UEFI Bootkit party and want to pop some shells in ring -2 to blow off steam but don’t know where to start, then this talk is here to give you a crash course on UEFI reverse engineering and exploit development. This talk will also cover techniques that seasoned UEFI reverse engineers/exploit developers might find useful, such as the comparative analysis of a UEFI quine written in 3 different assembly languages and its applications to UEFI cross-silicon exploitation, and ideas for how to make your PoCs spookier (aka not as boring).

The talk is split into two parts: part 1 focuses on the process for writing and then translating a self-replicating UEFI app from x86-64 to two other architectures; part 2 dives into the UEFI exploit development process for weaponizable vulnerabilities. Part 2 will focus on exploit development for SMM callout vulnerabilities and will explore different tools/frameworks/approaches for variations of the same exploit.

BIO

Nika Korchok Wakulich (aka ic3qu33n) is a hacker/reverse engineer/artist based in Brooklyn, NY. She is a Security Consultant at Leviathan Security Group where she works on a range of penetration testing engagements, with a focus on hardware, firmware and embedded security. Outside of work, she combines her artistic practice (woodcut prints, painting, drawing, etc.) with her independent security research on passion projects in different areas of security.

She has presented her security research at a number of InfoSec conferences including REcon, Hushcon, and BSides SF.
She is a contributing writer for a number of hacker zines, including tmp.0ut and VX-Underground Black Mass.

When she isn't making art, reverse engineering, or making art as a part of her reverse engineering process, she enjoys learning languages, skateboarding, and taking long walks (à la Paul Erdős).
You can find her online in a few of the various corners of the internet she frequents:
- Twitter: @nikaroxanne
- GitHub: @ic3qu33n and @nikaroxanne
- Website/Portfolio: https://ic3qu33n.fyi
- Mastodon: ic3qu33n@infosec.exchange
- Keybase: @ic3qu33n