Twitter | Search | |
Maxim Goryachy
Hardware/Software/Firmware/Intel ME Researcher. Opinions are my own and not the views of my employer.
385
Tweets
176
Following
3,178
Followers
Tweets
Maxim Goryachy retweeted
Plato Mavropoulos Oct 13
I have written a new utility called AMI BIOS Guard Extractor. It parses AMI BIOS Guard (a.k.a. PFAT) images and extracts a proper SPI/BIOS image. You can find it at my Various BIOS Utilities for Modding/Research repository.
Reply Retweet Like
Maxim Goryachy retweeted
Plato Mavropoulos Oct 11
ME Analyzer v1.70.0 adds full parsing & unpacking of all Intel CSE ME/TXE/SPS File Systems (MFS/AFS) based on the amazing initial research by . MEA can now show the FS state and log all low-level details. General CSE firmware analysis also improved.
Reply Retweet Like
Maxim Goryachy Oct 9
"... modifications underwent a limited validation cycle and are not an officially supported configuration." at new version of ME;)
Reply Retweet Like
Maxim Goryachy retweeted
Tube Time Oct 4
decided to examine my motherboard and OH SHIT! 🙀
Reply Retweet Like
Maxim Goryachy retweeted
Nikolaj Schlej Oct 4
Did some more experiments with Rust and Nom, here's a result - a (nearly) complete UEFI IFR parser that converts IFR binary data into human-readable text. Only string and form packages are parsed right now, but that's enough for most IFR files I've seen.
Reply Retweet Like
Maxim Goryachy Oct 2
Replying to @thomasareed @revskills
Yes, it has been fixed in High Sierra 10.13.5.
Reply Retweet Like
Maxim Goryachy retweeted
Mark Ermolov Oct 2
It seems that old Intel SPT and KBP (100 and 200 series) chipsets already had MCU acting as PMC. It was 8-bit 8051 microcontroller
Reply Retweet Like
Maxim Goryachy Oct 2
Our new paper "Intel ME Manufacturing Mode: obscured dangers" about SPI write-protection bypass in Apple MacBook. [ru] [en]
Reply Retweet Like
Maxim Goryachy retweeted
Ken Shirriff Sep 30
The Intel 8087 floating point chip contained an unusual high-density ROM. It stored 2 bits per transistor by using four different transistor sizes. I look inside the chip and explain how it works in my article:
Reply Retweet Like
Maxim Goryachy retweeted
Igor Skochinsky Sep 30
Reply Retweet Like
Maxim Goryachy retweeted
HITBSecConf Sep 29
The Phantom Menace: Intel ME Manufacturing Mode - Maxim Goryachy - cc
Reply Retweet Like
Maxim Goryachy Sep 29
Replying to @OhmSpectator
У меня для тебя плохие новости...
Reply Retweet Like
Maxim Goryachy Sep 29
Replying to @OhmSpectator
Декантер😎
Reply Retweet Like
Maxim Goryachy retweeted
Alex Ionescu Sep 29
I'm happy to confirm that the RS5 build (2018 Fall Update) of Windows 10 fixes the "this is not a vulnerability, Alex"-behavior of Win32k.sys which allowed r0ak () to arbitrarly read, write and execute all kernel memory. In light of this, I'll take it down.
Reply Retweet Like
Maxim Goryachy retweeted
PT Security Sep 28
How we developed the NIOS II processor module for IDA Pro
Reply Retweet Like
Maxim Goryachy retweeted
Alex Matrosov Sep 26
Looking forward to tomorrow’s talk “First STRONTIUM UEFI Rootkit Unveiled” by at It’s very rare when AV products can catch something like that in the wild. State-sponsored firmware threats are not rare but stealth enough to be under the radars.
Reply Retweet Like
Maxim Goryachy retweeted
Plato Mavropoulos Sep 22
When themselves recommend to use UEFITool to check the Intel Flash Descriptor access permissions. Cool, nice to see that. Although they should have recommended UEFITool NE for such a task and newer platform, just saying... :P
Reply Retweet Like
Maxim Goryachy Sep 22
Anton Dorfman (my colleague) has been published IDA Pro processor module for Altera Nios II Classic/Gen2 microprocessor architecture.
Reply Retweet Like
Maxim Goryachy retweeted
PositiveTechnologies Sep 22
Разрабатываем процессорный модуль NIOS II для IDA Pro
Reply Retweet Like
Maxim Goryachy retweeted
REhints Sep 21
Hex-Rays Plugin Contest 2018 winners announced! 1st) IDArling 2nd) IDA-Minsc and HexraysDeob 3rd) HeapViewer Congrats all the winners!!
Reply Retweet Like