Difference between revisions of "Android TrustZone"

From YobiWiki
Jump to navigation Jump to search
m
m
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
   
 
A very valuable series of posts to understand TrustZone and more specifically QSEE
 
A very valuable series of posts to understand TrustZone and more specifically QSEE
* http://bits-please.blogspot.be/2015/03/getting-arbitrary-code-execution-in.html
+
* http://bits-please.blogspot.com/2015/03/getting-arbitrary-code-execution-in.html
* http://bits-please.blogspot.be/2015/08/exploring-qualcomms-trustzone.html
+
* http://bits-please.blogspot.com/2015/08/exploring-qualcomms-trustzone.html
* http://bits-please.blogspot.be/2015/08/full-trustzone-exploit-for-msm8974.html
+
* http://bits-please.blogspot.com/2015/08/full-trustzone-exploit-for-msm8974.html
* http://bits-please.blogspot.be/2015/08/android-linux-kernel-privilege.html
+
* http://bits-please.blogspot.com/2015/08/android-linux-kernel-privilege.html
* http://bits-please.blogspot.be/2016/01/android-privilege-escalation-to.html
+
* http://bits-please.blogspot.com/2016/01/android-privilege-escalation-to.html
* http://bits-please.blogspot.be/2016/04/exploring-qualcomms-secure-execution.html
+
* http://bits-please.blogspot.com/2016/04/exploring-qualcomms-secure-execution.html
* http://bits-please.blogspot.be/2016/05/qsee-privilege-escalation-vulnerability.html
+
* http://bits-please.blogspot.com/2016/05/qsee-privilege-escalation-vulnerability.html
  +
* http://bits-please.blogspot.com/2016/05/war-of-worlds-hijacking-linux-kernel.html
  +
* http://bits-please.blogspot.com/2016/06/trustzone-kernel-privilege-escalation.html
  +
* http://bits-please.blogspot.com/2016/06/extracting-qualcomms-keymaster-keys.html
   
 
Reconstructing a QSEE Trustlet as valid ELF:
 
Reconstructing a QSEE Trustlet as valid ELF:
Line 14: Line 17:
 
Exploits
 
Exploits
 
* https://github.com/laginimaineb/MSM8974_exploit
 
* https://github.com/laginimaineb/MSM8974_exploit
  +
* https://github.com/laginimaineb/WarOfTheWorlds
  +
* https://github.com/laginimaineb/cve-2015-6639
  +
* https://github.com/laginimaineb/cve-2016-2431
   
 
TrustZone more generally
 
TrustZone more generally

Latest revision as of 16:31, 2 July 2016