Xeno Kovah

x86-64 Intel Firmware Attack & Defense

Trainer: Xeno Kovah

Date: 30 Oct to 1 Nov 2023

Time: 9:00am to 5:00pm CEST

Venue: Marriott Hotel, The Hague, Netherlands

Training Level: Advanced

Please note: the training ticket does not include access to the conference. Similarly, the conference ticket does not grant access to the trainings. If you have any questions, reach out to us.

Training type:

Online or in-person

Training Objectives:

  • Understand the original 16-bit "Real Mode" which the x86 CPU reset vector executes in.
  • Understand 16-bit segmentation & assembly.
  • Understand the evolution of Intel chipsets, and how to find the manual which corresponds to any given hardware.
  • Understand how firmware uses IO to configure Intel and 3rd party hardware at boot time.
  • Understand how firmware interacts with PCIe devices at boot time, both within the CPU/chipset, and 3rd party peripherals.
  • Understand the core purposes of PCIe Option ROMs, but also how they can be used by attackers.
  • Be capable of manually reading/writing the firmware-storage SPI flash through the register interface.
  • Understand the protection mechanisms for the SPI flash and how they can be bypassed.
  • Understand the protection mechanisms for System Management Mode and how they can be bypassed.
  • Understand how Chipsec can be used to assess the security posture of a firmware for both attack and defense.
  • Understand how the ACPI S3 "sleep" power state can be used to attack systems.
  • Be comfortable with Reading The Fun Manual(!) to go seek out the most accurate details of how things work.
  • Understand the architecture of UEFI-based firmware and the division of labor between its various boot stages
  • Be capable of writing and debugging code for inclusion in
  • Understand how to decompose a UEFI firmware image for reverse engineering only the subset you're interested in
  • Understand the most important attack surfaces for UEFI-based firmware

One-of-a-kind Class Format!

This class is run a little differently from most classes. We provide you purpose-built recorded lectures instead of trapping you in real time with live lectures. The instructor is then specifically in attendance to answer your questions as soon as you have them! The fewer questions other students ask, the more this class ends up looking like a 1:1 tutoring session for you!

One of many benefits is that you can watch lectures at 2x speed, zoom ahead of the other students, and get to the hands-on labs quicker. Or if there are bits of material you already know, you can just skip them and move on to the bits you don't know! Another big benefit is that you get to take the full lectures and labs with you! That means if you forget stuff and then need it in 6 months, you can quickly re-bootstrap yourself! Or you can watch the class twice, to really grow those neural connections and cement it in your brain! And unlike live lectures, our lectures are always getting more factually accurate, because any accidental errors get edited out.

Because we give you all the lecture and lab materials and videos before and after class, what you're really paying for is support from the instructor before, during, and after class! So you'll be entitled to start the class up to a week early and be able to ask up to 20 questions before or after class with quick turnaround. This lets you keep working through the material even if you run out of time at the in-person training.

If you'd instead like to take a custom learning-path class that picks and chooses material from any of the classes that list Xeno as the instructor, you can sign up for the Xeno's All You Can Learn Buffet class instead.

Training Detailed Agenda:

  • Introduction
    • Attacker motivations & capabilities
  • Reset Vector
    • The "Real Mode" execution environment
    • Reading reset vector assembly and the transitions to "Protected Mode"
  • Chipsets
    • The evolution of the platform architecture
    • Finding the correct manual for the hardware you bring to class, to find the correct offsets to memory mapped IO registers for the rest of the class
  • Input/Output
    • Memory Mapped IO (MMIO) as used by firmware
    • Port IO (PIO) as used by firmware
    • Hardware-defined vs. reconfigurable memory spaces
  • PCIe
    • Evolution, topology, and usage by firmware
    • Configuration address space MMIO vs. PIO accesses
    • Base address registers & extended configuration address space
    • "Option ROMs" and how they've been repeatedly used for attacks
  • SPI Flash
    • Introduction & supported SPI operation modes on x86
    • MMIO register-based SPI flash programming interface
    • SPI flash layout & the Intel flash descriptor
    • SPI protection threat tree, moves and counter-moves
      • Protected Range Registers (PRRs) and bypasses like failure to FLOCKDN + sleep attacks
      • SMM-based BIOS Lockdown and bypasses like SMI Suppression + sleep attacks
  • System Management Mode (SMM)
    • Introduction & System Management Interrupts (SMIs)
    • System Management RAM (SMRAM) & the protection thereof
    • SMM threat tree, moves and counter-moves:
      • Caching Attacks
      • Remapping Attacks
      • SMM Call-Out Vulnerabilities
      • SMM Confused Deputy Attacks
      • SMM TOCTOU Attacks
  • Power-transition attacks
    • x86 ACPI S3 low-power sleep effects on SPI & SMM protection
    • Attacks exploiting S3 sleep states
  • Introduction to UEFI
    • Boot Firmware History
    • Basic Input/Output System (BIOS)
    • From BIOS to Unified Extensible Firmware Interface (UEFI)
    • Initial UEFI Goals
    • Current UEFI Goals
    • EFI, UEFI, and EDKII
    • EFI vs. UEFI
  • UEFI Architecture Overview
    • Implementations
    • EDKII
    • Practice #1: EDKII building & running OVMF in QEMU
    • UEFI Criticism
    • Practice #2: EDKII Debugging
      • Debugging environment setup
      • Debugging by printing
      • Using ASSERTs
      • Disabling compiler optimization
      • Debugging using Intel UDK Debugger Tool
    • Design Principles
    • Practice #3: Explore firmware hierarchical structure
      • Introduction
      • UEFIExtract
    • Firmware Core
  • UEFI Boot Flow
    • Booting Sequence Overview
    • Boot Manager
    • Security phase (SEC)
    • Pre-EFI Initialization (PEI)
      • Calling Convention
      • Practice #4: Inside HOBs
        • How to find a HOB?
    • Driver eXecution Environment (DXE)
      • UEFI Driver Model
      • Protocols
    • Boot Device Selection (BDS)
    • Practice #5: Boot log overview
      • Finding UEFI boot phases
      • SEC: Initial debugging steps
      • SEC: Initial debugging other way
      • PEI: Jump to PEI and review debug.log
      • DXE
      • BDS
    • UEFI shell
    • Quiz #3
    • Practice #6: UEFI Shell exploration
  • Conclusion

Who Should Attend? | Target Audience:

  • People who want to start their journey up the skill tree towards such professions as firmware developer, firmware reverse engineer, firmware code auditor, firmware exploiter, or boot security architect.
  • People who gain satisfaction from understanding how systems really work at a very deep level.
  • People who don't have a lot of free time outside of work, and who thus want to use this time to hunker down and jam through all this material with full instructor support.

What to Bring? | Software and Hardware Requirements:

  • Headphones for watching videos (preferably over-ear, so you're not disturbed as the instructor is walking around the class answering individuals' questions).
  • PC (or x86 Mac) running Linux on a dedicated non-virtualized partition
  • Administrator privileges to install virtualization software on your machine.
  • A link to a software setup guide will be sent before class; the student should install the software before class to maximize time available for interaction with the instructor. (Software to be installed includes Intel Simics, Chipsec, UEFITool, Read-Write Everything, and QEMU.)

What to Bring? | Prerequisite Knowledge and Skills:

You should have equivalent knowledge of x86-64 assembly as that provided in the x86-64 Assembly class, also offered at

You should also have the knowledge of control registers, model-specific registers, segmentation, and port IO provided in the x86-64 Hardware-specific OS Internals class, also offered at

If you don't have that background, or if you just need a quick refresher, you can sign up for the Xeno's All You Can Learn Buffet class to create a custom learning path and go through the minimum background material necessary to proceed into this class.

Resources Provided at the Training | Deliverables:

  • Online instructions on how to set up and test your machine before coming to class
  • Access to all Creative-Commons-licensed slides & Mozilla-licensed lab code
  • Access to all Creative-Commons-licensed lecture & lab videos!!!
Xeno began leading Windows kernel-mode rootkit detection and defense research projects at MITRE in 2009, before moving into research on BIOS security in 2011. His team's first public talks started appearing in 2013, which led to a flurry of presentations on BIOS-level vulnerabilities up through 2014. In 2015 he co-founded LegbaCore. And after presenting a firmware worm that could spread between Macs via Apple's EFI-based BIOS and Thunderbolt Ethernet adapters, he ended up working for Apple. There he worked on securing all the lesser-known firmwares on Macs and peripherals - everything from 3rd party GPUs to SecureBoot for monitors! He worked on the x86-side of the T2 SecureBoot architecture, and his final project was leading the M1 SecureBoot architecture - being directly responsible for designing a system that could provide iOS-level security, while still allowing customer choice to trust arbitrary non-Apple code such as Linux bootloaders. He left Apple in Dec 2020 after the M1 Macs shipped, so he could work full time on OpenSecurityTraining2.