Tag: ghidra

In a blog post published last December, we demonstrated how we managed to extract the firmware from a smartwatch by exploiting an out-of-bounds read vulnerability and spying on its screen interface. Follow us on our long and unexpected journey to figure out how this smartwatch can measure heart rate or blood pressure with no visible sensor, the problems we encountered while analyzing its firmware, and how we solved them to uncover The Truth about this device.

In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.