{"id":11758,"date":"2023-03-20T08:31:53","date_gmt":"2023-03-20T08:31:53","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbincyber2024\/product\/teepwn-breaking-tees-by-experience-hitb2023hkt\/"},"modified":"2023-03-27T05:38:29","modified_gmt":"2023-03-27T05:38:29","slug":"teepwn-breaking-tees-by-experience-hitb2023hkt","status":"publish","type":"product","link":"https:\/\/conference.hitb.org\/hitbincyber2024\/product\/teepwn-breaking-tees-by-experience-hitb2023hkt\/","title":{"rendered":"TEEPwn: Breaking TEEs by Experience"},"content":{"rendered":"

 <\/p>\n

\n
\n
\n
This 4-day TEEPwn course is one of two Raelize’s Pwn training courses. The other is BOOTPwn which is being held in Amsterdam on April 2023. To find out more about this April’s 4-day BOOTPwn course, click here.<\/a>
\n<\/strong><\/em><\/span><\/h5>\n
\n
\n<\/div>\n<\/div>\n<\/div>\n
\n
\n
\n
\n

ATTEND IN-PERSON<\/span>: Onsite in Phuket<\/strong><\/h4>\n

DATE: 21-24 August 2023<\/strong><\/h4>\n<\/div>\n

TIME: 09:00 to 17:00 ICT\/GMT+7<\/strong><\/h4>\n\n\n\n\n\n\n\n
Date<\/strong><\/td>\nDay<\/strong><\/td>\nTime<\/strong><\/td>\nDuration<\/strong><\/td>\n<\/tr>\n
21 Aug<\/td>\nMonday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n
22 Aug<\/td>\nTuesday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n
23 Aug<\/td>\nWednesday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n
24 Aug<\/td>\nThursday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n

Please note:<\/span><\/strong><\/h4>\n<\/div>\n<\/div>\n

The 4th<\/sup> day is an optional day, which may be used by the attendees to complete the left-over exercises. During this day, only online support is available via Discord. No in-person presence is available from the trainers nor required by the attendees.<\/p>\n

\n

 <\/p>\n

It’s notoriously hard to secure a Trusted Execution Environment (TEE) due to the interaction between complex hardware and a large trusted code base (TCB). The security provided by TEEs has been broken on a wide variety of devices, including mobile phones, smart TVs and even vehicles. Publicly disclosed TEE vulnerabilities were often exploited directly from the less-trusted Rich Execution Environment (REE). Many of these vulnerabilities were speandcific for TEEs and required novel exploitation techniques.<\/h5>\n

The TEEPwn experience provides an offensive system-level perspective and dives into the darker corners of TEE Security. It is designed with a system-level approach, where you will experience powerful exploitation of TEE vulnerabilities. The TEEPwn experience is hands-on, gamified and driven by an exciting jeopardy-style Capture the Flag (CTF).<\/p>\n

Your journey starts by achieving a comprehensive understanding of TEEs, where you will learn how hardware and software concur to enforce effective security boundaries. You will then use this understanding for identifying interesting vulnerabilities across the entire TEE attack surface. You will then be challenged along the path to exploit them in multiple scenarios. All vulnerabilities are identified and exploited on our emulated attack platform which implements an ARMv8 (64-bit) TEE based on ARM TrustZone.<\/p>\n

You will take on different roles, as an attacker in control of:<\/p>\n