Talks

A selection of talks given at various events:

  • Bitpixie: A Software-only BitLocker Bypass

    Bitpixie is a logic vulnerability in a Windows boot component which allows to recover the key material of BitLocker’s full disk encryption on a standard Windows 11 system.

    Based on the original research of Rairii and publications of Thomas Lambertz from Neodyme, I reproduced the Linux-based exploitation strategy and developed a WinPE-based alternative for systems where Microsoft’s third-party Secure Boot certificate is not trusted.

    The ~2 hours talk covered:

    • Boot Process
    • Secure Boot
    • TPMs
    • BitLocker
    • Bitpixie Vulnerability
    • Linux-based Exploitation
    • WinPE-based Exploitation
    • Post Exploitation
    • Mitigation

    The exploitation scripts are available on GitHub.

  • Vis Editor: Combining Modal Editing with Structural Regular Expressions

    The vis editor extends vi’s modal editing with built-in support for multiple selections and combines it with sam’s structural regular expression based command language and Lua scripting capabilities. The intention is not to be bug for bug compatible with vi(m), instead we aim to provide more powerful editing features based on an elegant design and clean implementation.

  • Abduco + DVTM: Session and Tiling Window Management for the Console

    Application of Unix design principles to combine multiple tools in order to provide a powerful working environment suitable for /dev/console or SSH sessions is illustrated. Advantages and limitations of the approach are presented and contrasted with alternatives such as GNU screen and tmux. The history of tiling window management is briefly recapitulated. Concepts such as layouts or tagging which are employed by dvtm are introduced.