Reversing SR-IOV For Fun and Profit

ShmooCon XV - 2019

Presented by: Adir Abraham
Date: Sunday January 20, 2019
Time: 11:00 - 11:50
Location: Main Room
Track: Bring It On

We are surrounded with PCIe devices everywhere. They are in charge of interconnecting extremely important and exciting functionalities inside and outside our systems.

Have you ever been wondering how to explore and reverse engineer those devices and their functionalities? SR-IOV (Single-Root I/O Virtualization) is a peripheral component interconnect (PCI) standard for sharing PCIe devices within a single computer.

In this talk I will provide thorough background of PCIe devices and the standard. Afterwards, I will share my research experience and explain how SR-IOV PCIe devices can be reverse engineered, what information we can get, how to find vulnerabilities in PCIe devices, and what we can learn from those findings.

Adir Abraham

Adir Abraham (@adirab) is a reverse engineer and a vulnerability researcher at Intel, with more than 15 years of experience as a cybersecurity researcher and exploit developer. He likes to learn new and cutting-edge technologies, break them, and explore anything from low-level SW to HW vulnerabilities and build exploitation scenarios accordingly. Recently, he also took part in the CTF organizers team of BSidesTLV. He holds a BSc degree in CS education and a BA degree in Economics–both from the Technion. He is also CISSP, CCSK, and CySA+ certified.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats