Hyrathon's Blog

Wideshears: Investigating and Breaking Widevine on QTEE

Vulnerability discovery and exploitation targeting QTEE + Widevine.

Abstract: Widevine is a DRM solution, and QTEE is Qualcomm's TrustZone implementation; both run on billions of devices. In this presentation, we will share our latest study of Widevine on QTEE. We will first explain why QTEE and Widevine are high-value targets and briefly cover the basics of both. After the opening, we will show how to locate the command handling logic and walk through that logic to show how we found a vulnerability.

Hunting in the Near Field: An Investigation of NFC-related Bug in Android

A talk presented at HITCON 2019 on the NFC protocol stack of the Android platform.

Abstract: The Android system has been investigated for a decade, and fewer attack surfaces survive the crowd of bug hunters. NFC was one of the lucky untapped areas until recently. In this talk, our team will share our recent study of the Android NFC attack surface, together with some lore and related knowledge. To start, basic information about NFC and its protocol stack on Android will be covered briefly. Then we will enumerate the attack surfaces related to NFC, explaining the value and difficulty of each, and show why and how we picked the targets we focus on.

About

About Me

I am a security researcher from Qihoo 360, mainly focusing on Android related targets. I have been looking into some attack surfaces like NFC, Binder, Media Codecs and TrustZone.

Find me as:
Twitter: @JHyrathon
Wechat: hyrathon
Mail: hyrathon@gmail.com

Presentations

[HITCON 2019] Hunting in the Near Field: An Investigation of NFC-related bugs of Android
[Blackhat Asia 2021] Wideshears: Investigating and Breaking Widevine on QTEE

Hunted Bugs

Some of the PoCs can be found here: https://github.