Attacking Samsung Galaxy A* Boot Chain, and Beyond
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk, presented by Rafael and Maxime at Black Hat USA, delves into a sophisticated chain of vulnerabilities discovered in Samsung Galaxy A-series devices based on MediaTek System-on-Chips (SoCs). The researchers detail how they achieved complete control over these devices through the USB port, ultimately enabling the exfiltration of sensitive secrets stored within the secure world, including **key store keys**. The research highlights critical weaknesses in the boot chain of these devices, specifically within Samsung's customized Little Kernel (LK) bootloader and its interaction with the Odin recovery protocol.