|=------------------------------------------------------------------------------------------------=|

 ########  ######## ########  ######   #######  ##    ##    ########   #######  ##     ## ######## 
 ##     ## ##       ##       ##    ## ##     ## ###   ##    ##     ## ##     ## ###   ### ##       
 ##     ## ##       ##       ##       ##     ## ####  ##    ##     ## ##     ## #### #### ##       
 ##     ## ######   ######   ##       ##     ## ## ## ##    ########  ##     ## ## ### ## ######   
 ##     ## ##       ##       ##       ##     ## ##  ####    ##   ##   ##     ## ##     ## ##       
 ##     ## ##       ##       ##    ## ##     ## ##   ###    ##    ##  ##     ## ##     ## ##       
 ########  ######## ##        ######   #######  ##    ##    ##     ##  #######  ##     ## ######## 
 
|=------------------------------------------------------------------------------------------------=|

                                 DEF CON group 11396 @ Rome, Italy
                                
                               [Main] [Meetings] [Posts] [Projects] 


|=--------------------------------------=[ November 2019 ]=---------------------------------------=|

by malweisse
This is the 10th meeting of the DEF CON group. Date and location: November 29th from 5.30 p.m. to 7 p.m. in the B2 room at the Department of Computer, Control, and Management Engineering (DIAG) Antonio Ruberti at Sapienza University of Rome. The schedule is: ---[ SIM cards: the new frontier of mobile exploitation, back from the past, by gdl_jotaro_sama The tiny SIM cards all of us have in our mobile phones are actually much more complex than one may think. Over the last few years, SIM card security vulnerabilities have been found and attacks exploiting them are starting to grow, culminating in the recently discovered Simjacker. ---[ How to reverse a firmware without pain, by cristianrichi3 and chqmatteo An introduction to the art of firmware reverse engineering using as example the TRX success at CSAW Embedded Security Challenge. We will start from a static analysis point of view using the NSA tool Ghidra, talking about how it behaves with our testcase. Further on we will be talking about the difficulties we experienced when working with dynamic analysis showing for the first (actually second) time the Ghidra function emulator that lead us to the victory!