AppSec

NoNameBadge 2020: monitors air quality around you

Last year’s badge received surprisingly positive feedback from conference visitors. A whole fan community emerged around it and has since created numerous projects using the badge hardware. Now that a certain level of expectations has been set, let’s dive deep into the implementation 😎 This year, the concept of the badge has changed a bit. We decided not to use ready-made dev boards, but to develop the entire board from scratch.

STM32 Shellcode: firmware dump over UART

RCE (remote code execution) is a complete attack that uses such an exploit. In order to perform it, one writes shellcode functions to the buffer and puts the shellcode address to the stack pointer. As a result, the code that is written to the buffer gets executed.

Stack Buffer Overflow in STM32

Modern microcontrollers resemble 10–20-year-old computers not only in computing power but also in their vulnerabilities. We’ll talk about an almost forgotten class of vulnerabilities that is no longer purely academic and is moving into a new wave of popularity.

Reverse engineering STM32 firmware

MCU manufacturers usually protect the non-volatile memory against read-out by debugging probes. At first glance, this solves the main problem of cloning the device’s firmware. However, having obtained unencrypted firmware, one can analyze the workflow of the code, and even change it as they wish.


We write about such stuff on the TechMaker Facebook page and teach it at Courses