Identify Bootloader main() and find Button Press Handler - Hardware Wallet Research #5

Channel:

Subscribers:

920,000

Published on February 1, 2019 11:55:28 AM ● Video Link: https://www.youtube.com/watch?v=yJbnsMKkRUs

Duration: 13:16

47,969 views

1,461

Now that we know where the firmware starts, we want to find how button presses are handled and where it might handle the APDU commands.

research: https://wallet.fail
AVR Firmware: https://www.youtube.com/watch?v=hyoPAOTrUMc
ZetaTwo: https://www.youtube.com/user/ZetaTwo

DISCLAIMER: The security research shown here was done a while ago and since then the software and hardware was updated; These videos are not sponsored or endorsed by Ledger.

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#ReverseEngineering #HardwareSecurity

Other Videos By LiveOverflow

2019-03-24	Weird Return-Oriented Programming Tutorial - bin 0x2A
2019-03-17	Introducing Weird Machines: ROP Differently Explaining part 1 - bin 0x29
2019-03-10	Ethereum Smart Contract Backdoored Using Malicious Constructor
2019-03-06	[Live] GHIDRA HYPE!! - NSA Reverse Engineering Tool
2019-03-03	Rediscovering the f00dbabe Firmware Update Issue - Hardware Wallet Research #7
2019-02-24	Analysing a Firefox Malware browserassist.dll - FLARE-On 2018
2019-02-17	What is a Security Vulnerability?
2019-02-11	Games & Results: Gynvael's Winter GameDev Challenge 2018/19
2019-02-10	APDU Communication between Device and Host - Hardware Wallet Research #6
2019-02-05	Forensics with fls, Volatility and Timeline Explorer - ft. 13cubed
2019-02-01	Identify Bootloader main() and find Button Press Handler - Hardware Wallet Research #5
2019-01-25	Setup and Find Entry-point in ARM Firmware - Hardware Wallet Research #4
2019-01-21	XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf
2019-01-21	[Live] Making-of a LiveOverflow CTF video write-up 2019 (35c3ctf)
2019-01-18	Remote Debugging ARM Chip with SWD/JTAG - Hardware Wallet Research #3
2019-01-11	Looking at the PCB & Chips - Hardware Wallet Research #2
2019-01-07	Support LiveOverflow: Patreon & YouTube Membership
2019-01-04	Threat Models - Hardware Wallet Research #1
2019-01-01	Gynvael's Winter GameDev Challenge 2018/19
2018-12-28	Hardware Wallet Hack: Ledger Nano S - f00dbabe
2018-12-25	Jump Oriented Programming: Ethereum Smart Contract #2 - Real World CTF 2018

Tags:

Live Overflow

liveoverflow

hacking tutorial

how to hack

exploit tutorial

arm firmware

cortex-m0

button press

gpio

gpios

button read

interrup

gdb

swd

jtag

ledger nano s

hardware security

hardware research

reverse engineering

bootloader

main()

ida

xref

security research

avr

arduino

iot

internet of things

hacking

reversing