Fingerprint BYPASS with just a pencil (real world hack)
Big thanks to ThreatLocker for sponsoring my trip to Black Hat 2025. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal David Bombal sits down with Philippe Laulheret of Cisco Talos at Black Hat to unpack new vulnerabilities in Dell’s ControlVault security board (the module behind fingerprint/smart-card/NFC on many Latitude/Precision laptops). Laulheret chains two bugs to get code execution, leaks device-unique AES/HMAC keys, and modifies firmware for persistence. He then backdoors a function so requesting object “1337” delivers a payload that abuses the Windows Biometric Framework (Broadcom DLL) to spawn a SYSTEM reverse shell. Demos: onion/plastic-finger unlock and a physical USB ribbon-cable attack path. // Phillippe Laulheret’s SOCIALS // LinkedIn: / philippe-laulheret-094a5315 Talos Blog: https://blog.talosintelligence.com/au... X: https://x.com/TalosSecurity // David's SOCIAL // Discord: / discord X: / davidbombal Instagram: / davidbombal LinkedIn: / davidbombal Facebook: / davidbombal.co TikTok: / davidbombal YouTube: / @davidbombal Spotify: https://open.spotify.com/show/3f6k6gE... SoundCloud: / davidbombal Apple Podcast: https://podcasts.apple.com/us/podcast... // MY STUFF // https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: [email protected] // Menu // 0:00 - Coming up 0:59 - ThreatLocker Shout Out 01:12 - Intro 02:10 - Paid to Hack Ethically 02:25 - The Finger and The Onion Story 03:25 - The ReVault Presentation 04:49 - Demo 1 06:19 - Attack Scenarios Physical Access vs Remote 10:48 - Reverse Shell Demo 11:51 - Demo 2 13:43 - The Bugs Attributes 15:32 - How Long Did It take to figure out ? 17:21 - I really Broke it now 17:45 - Demo 3 19:55 - Physical Attack Demo 20:55 - Conclusion & Outro Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! Disclaimer: This video is for educational purposes only. #threatlocker #blackhat #cisco
Hacking cell phones like Mr Robot
Hacker Explains VPN Hacking: ADMIN access without password (real world demo)
Figli di Algoritmo | DigitalMindCrime #001
How to Detect a Fake Cell Tower Spying on Your Phone (Stingray)
Darknet Bible: The Ultimate OpSec Guide
I Hacked This Temu Router. What I Found Should Be Illegal.
Something is jamming GPS over Europe. Here's what we found
Hacker Shows the Most Insane Gadgets in His EDC
Exposing The Solid State Donut Battery. It's Over.
7 REAL 5-Minute Cybersecurity Hacks Everyone Should Know
Analysing a Pegasus 0-click Exploit for iOS
This $50 Device lets anyone spy and track your phone!
I Hacked Into The World's Worst E-Bike And Fixed It
Your Phone Is Not Listening to You - Truth Is Much Worse
JANITOR vs THE BIGGEST GUY IN THE GYM. HE Didn’t Expect THAT
Hacking IP Cameras (CCTV) with Demos and Real World Examples
This Makes Hacking TOO Easy - Flipper Zero
15 Secret Hacking Gadgets You Can Legally Buy on Amazon
Metasploit Hacking Demo (includes password cracking)
