So you want to find backdoors in Chinese BIOS...

4,302 views

Technically Unsure

1 day ago

In this video, I'll show you how to dump the BIOS/UEFI, analyze it, extract the DXEs, load them all in Ghidra and try to find that "hidden backdoor" everyone's talking about. We'll use a flash programmer, Ghidra and many other tools in this video.
The dumped BIOS file: drive.google.c...
The extracted PE binaries:
drive.google.c...

Comments: 20
@BrainSlugs83 1 day ago
That SPI ROM is 128 mega *bits* not *bytes*. It works out to 16 megabytes. You should share the ROM dump on the internet archive, for folks to look at, at home.
@TechnicallyUnsure 1 day ago
You are right. I added links to the raw BIOS dump as well as extracted binaries in the video description. Thank you
@Phil-D83 1 day ago
Opnsense is a fork of pfsense - I prefer it
@NNasab-pm4le 10 hours ago
Excellent job on this video.
@TechnicallyUnsure 10 hours ago
Glad you liked it!
@ipgucker 1 day ago
Impressive! Thanks!
@ericasante8545 1 day ago
lol moves from pfsense to Opnsense .. it’s pretty much the same just nicer interface
@xgeko2 1 day ago
There are some other good reasons. Driver and hardware support, opnsense has more packages. There are some other things that are different, but opnsense was a project based on pfsense by some former pfsense developers, which is why it's very similar. Honestly, opnsense in my opinion is in a better spot than pfsense at the moment.
@AntonMaltsev 17 hours ago
Thank you for the video it was quite curious! What about boards with their own version of the operating system, such as Radxa Debian, Orange Pi Debian, etc.? Without their version of OS, there will be no access to drivers (NPU, decoding-encoding acceleration, etc.).
@r0galik 14 hours ago
What do you mean? You can flash many third party systems onto arm boards, in fact the first party OSes usually suck and often don't support GPU, video encode/decode etc.
@AntonMaltsev 12 hours ago
@@r0galik let's look at the NPU. For example, Rock5 or OrangePi 5 (RK3588 with NPU). There are no open-source drivers for it (there is a project from Tomeu Vizoso but with limitations). The only way to use the NPU - take the official image from Radxa|OrangePi with pre-built binaries for the system. Same problems with a lot of different devices (NXP, MediaTek, Sophon, etc.)
@r0galik 11 hours ago
@@AntonMaltsev I think you can use the NPU on any system with the BSP kernel (Armbian, Joshua Riek Ubuntu etc).
@AntonMaltsev 11 hours ago
@@r0galik, it's a matter of luck if the pre-built binary with drivers will work in a different system. Sometimes it may, but there is no guarantee.
@r0galik 11 hours ago
@@AntonMaltsev it's a matter of luck what works with the first party distros as well, as some devices are better supported by third party systems. So I don't get the argument. Besides, Raspberry Pi is guilty of this too.
@maksiodzidek1 1 day ago
Good job
@kentang902 1 day ago
Pin for flash ic eeprom 1,2,4,5,6,8 ...
@Rushil69420 1 day ago
Actually I wanna find [NSA] backdoors in Western consumer tech but I don’t have a CS degree or a desire to end up on a watchlist lol
@BrainSlugs83 1 day ago
They just do it in the open. They mandate companies like Intel and AMD to do it and call it a feature, e.g. Intel Management Engine, and AMD Platform Security, etc.
@justinupshaw672 1 day ago
I would be interested to see the motherboards off of aliexpress. I'm looking at buying a dual x99 combo board, ram and cpu
@TechnicallyUnsure 1 day ago
Check out my past videos, I review a bunch of them on my channel and even do Intel ME cleanup from BIOS on them