Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a comprehensive security research journey that began with the simple goal of playing custom Beatsaber songs on a gaming console and evolved into a deep dive into AMD Platform Security Processor vulnerabilities. Learn how initial attempts at fault injection on AMD's PSP were derailed by software bugs, which then became entry points for discovering multiple security flaws and ultimately achieving EL3 code execution on the chip's most secure core. Discover novel physical attack techniques for targets with challenging hardware characteristics, including methods for bypassing capacitors and powerful MOSFETs that typically thwart traditional glitching approaches. Examine at least 6 unpatchable bugs and 5 zero-day exploits uncovered during this research, along with the discovery strategies and attack methodologies used to identify them. Follow the progression from browser-based exploitation attempts through kernel-level challenges to hardware-level attacks, understanding how hypervisor protections and heavy sandboxing led to the decision to pursue physical modification approaches. Gain insights into the practical aspects of working with AMD SoC desktop mainboards as research targets and learn transferable techniques for security research on similar hardware platforms.
