-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Microsoft held a closed security bounty challenge. While we did not participate in the closed challenge, we found the Azure Sphere devices interesting and since the development boards are cheap, we bought a few and took them apart. We developed several tools to help with the exploration and identified a couple issues that were also identified by teams involved in the bounty challenge.
We tested on the Seeed MT3620 Mini Dev Board running MS Azure Sphere OS 20.05. Microsoft has since released several new versions with many security fixes. So the issues identified here may already be patched and the reverse engineering notes may no longer be accurate.
We created the following notes while reverse engineering Azure Sphere on the MT3620 dev kit:
- Hardware
- Open Source
- Firmware
- File Systems
- Host Device Management
- Recovery
- Application Loading
- Permissions
- Security Monitor
- Pluton
- Built In Applications
- Fuzzing
Here are some additional projects reverse engineering MS Azure Sphere: