![DEF CON 23 [Audio] Speeches from the Hacker Convention artwork](https://is5-ssl.mzstatic.com/image/thumb/Podcasts123/v4/c3/f8/7e/c3f87e44-fc95-645c-620b-3c8e5117429e/mza_5097239825481086059.jpg/100x100bb.jpg)
Joe FitzPatrick & Matt King - NSA Playset: JTAG Implants
DEF CON 23 [Audio] Speeches from the Hacker Convention
English - October 09, 2015 23:36 - 41.8 MB - ★★★ - 4 ratingsTechnology Education How To def con defcon hacking hacker conference computer security security research defcon 23 def con 23 dc-23 dc23 Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Joe-FitzPatrick-Matt-King-NSA-Playset-JTAG-Implants-UPDATED.pdf
Extras Here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Joe-FitzPatrick-Matt-King-Extras.rar
NSA Playset: JTAG Implants
Joe FitzPatrick SecuringHardware.com
Matt King Security Researcher
While the NSA ANT team has been busy building the next generation spy toy catalog for the next leak, the NSA Playset team has been busy catching up with more open hardware implementations. GODSURGE is a bit of software that helps to persist malware into a system. It runs on the FLUXBABBIT hardware implant that connects to the depopulated JTAG header of certain models of Dell servers.
This talk will introduce SAVIORBURST, our own implementation of a jtag-based malware delivery firmware that will work hand-in-hand with SOLDERPEEK, our custom hardware design for a standalone JTAG attack device. We will demonstrate how to this pair enables the persistent compromise of an implanted system as well as release all the hardware and software necessary to port SAVIORBURST and SOLDERPEEK to your jtag-equipped target of choice. Anyone curious to know more about JTAG, regardless of previous hardware experience, will learn something from this talk.
Joe has spent a decade working on low-level silicon debug, security validation, and penetration testing of CPUS, SOCs, and microcontrollers. He develops and delivers hardware security training at https://SecuringHardware.com, including Software Exploitation via Hardware Exploits and Applied Physical Attacks on x86 Systems. In between, he keeps busy with contributions to the NSA Playset and other misdirected hardware projects.
Twitter: @securelyfitz
Matt is a hardware designer and security researcher who has over a decade of experience designing, securing and exploiting hardware test and debug features on CPUs and SoCs. When not performing pointless hardware tricks Matt tries to help educate integrated circuit designers on the risks posed by hardware debug capabilities.
Twitter: @syncsrc