Quarkslab Team

Attacking ARM TrustZone

22nd - 24th January 2020 | 3 Days


Joffrey Guilbon, Maxime Peterlin, Romain Thomas & Tom Czayka


The increasing popularity of connected devices in recent years has led manufacturers to put a greater emphasis on security, finding themselves in need of robust designs that protect their users. From these requirements emerged ARM TrustZone, a system-wide hardware isolation technology. It introduces a trusted Secure World that can process code and data while ensuring their integrity and confidentiality. This Secure World can also watch over the user-controlled (and therefore untrusted) Normal World to verify its integrity, similarly to the mechanism implemented in Samsung's TIMA. It can also access hardware peripherals, such as keyboards, screens or cryptoprocessors, in a secure and isolated manner to create trusted UIs, implement DRM, etc. All the sensitive data and the critical interrupts are handled directly by the Secure World without ever passing through the Normal World.

During this practical three-day training, attendees will be introduced to the ARM TrustZone technology, the problems it addresses and how they are solved using both hardware and software components, with Samsung's TrustZone implementation used to illustrate the course. Once the trainees have extracted the OS running in the Trusted Execution Environment, or TEE-OS for short, from Samsung's Exynos-based Android platforms, they will reverse-engineer it to list its entry points, its differences from other TEE-OSs, its communication mechanisms, etc. The course will then focus on how to extract, reverse-engineer and communicate with trusted applications and secure drivers. Ultimately, the main objective of the training is for the attendees to get arbitrary code execution in the secure OS on Exynos by exploiting multiple, now-fixed, vulnerabilities in different components (Trustlets, Secure Driver and TEE-OS). The course ends by providing tips on going further and presents some post-exploitation ideas.

Who Should Attend?

The training is optimally suited for:

  • Individuals interested in the ARM TrustZone technology, how it works, how it's implemented and how to break it.
  • Security researchers who wish to assess the security of ARM TrustZone implementations and its components.
  • Software engineers developing on ARM TrustZone who would like to understand how an attacker could compromise the system.

Key Learning Objectives

This training introduces and details ARM TrustZone technologies through presentations and practical exercises on Samsung's implementation. No prior knowledge of ARM TrustZone is required for this course. At the end of the training, the participants will have gained a solid understanding of the underlying mechanisms used in popular ARM TrustZone implementations, as well as tools and insights to perform reverse engineering, vulnerability research and exploitation efficiently. The main objective of this training is to gain code execution in EL3 by exploiting now-fixed vulnerabilities found in a Trusted Application, a Secure Driver and the TEE-OS on certain past Android versions available for the Samsung Galaxy S6/S7 models. The different steps leading up to this objective are described in the agenda.

Agenda Day 1

  • Introduction to Secure Boot and Trusted Execution Environments (problems addressed, common usages, etc.)
  • Introduction to the ARM TrustZone technology
  • TEE-OS extraction from Samsung Exynos-based Android platforms
  • Basics of TEE-OS reverse engineering, entry points for an attacker and analysis of the attack surface
  • Analysis of kernel components enabling communication with ARM TrustZone elements
  • Trusted Application extraction from Samsung Exynos-based Android platforms
  • Reverse engineering of Trusted Applications

Agenda Day 2

  • Development of a tool to communicate with Trusted Applications
  • Vulnerability research and exploitation on a Trusted Application
  • Pivoting to other trusted components (TEE-OS, secure drivers, etc.)

Agenda Day 3

  • Vulnerability research and exploitation on a Secure Driver
  • Vulnerability research and exploitation on the Operating System
  • Pivoting to other components (Secure Monitor)
  • Introduction, use and internals of TrustPwn, a post-exploitation framework

Prerequisite Knowledge

  • A basic understanding of ARMv7/ARMv8 ISA
  • A basic understanding of the main exploitation techniques

Hardware / Software Requirements:

  • Python 3.7
  • adb
  • An IDA license or Ghidra. All tools used and developed for this training are compatible only with Ghidra or IDA 7.0+
  • Galaxy S6/S7 (one per participant), provided by Quarkslab

Trainers Info:

Joffrey Guilbon is a Security Researcher who previously worked at Quarkslab on mobile and embedded systems. His work includes low-level systems, reverse engineering (of several targets such as operating systems, trusted execution environment components, secure boot implementations, bootroms, etc.), vulnerability research, binary exploitation, and the development of tools to make these tasks easier. In his free time he enjoys participating in Capture The Flag (CTF) competitions and in open-source projects (IDArling, for example).
Twitter: @patateQbool

Maxime Peterlin is a Security Researcher working in Quarkslab’s embedded & hardware team. His day-to-day work includes reverse engineering, studying low-level systems, vulnerability research, binary exploitation and tools development. Occasionally, he enjoys participating in Capture the Flag competitions and pursuing his research during his own time.
Twitter: @pandasec_

Romain Thomas is a Security Engineer working at Quarkslab on the development of new tools to assist security researchers. He is also interested in Android internals, (de)obfuscation and software protections. He previously contributed to the Triton project, a dynamic binary analysis framework.
Twitter: @rh0main

Tom Czayka is a security researcher working at Quarkslab. He is interested in everything related to the Android operating system, especially its internals. He is keen on reverse engineering, instrumentation, fuzzing and low-level programming. He also develops tools that assist reverse engineers and make their work easier.
Twitter: @bla5r