Internship - Bootloader vulnerability exploitation & research (ARM)

eShard

SME40 employees

Published on January 15, 2024

  • Contract

    Internship (4 - 6 months)

  • Study level

    Master level

  • Location

    Bordeaux,
    Remote work occasionally allowed

eShard illustration

Come join our team where expertise is rooted in our DNA, bolstered by years of cutting-edge R&D. At eShard, we embody the vital link between 'know' and 'how' for our clients, as well as within our collective.



Your Missions:


Firstly, you will conduct a state-of-the-art study of published vulnerabilities (CVEs) targeting bootloaders across a variety of IoT devices: medical equipment, cameras, sensors, etc. Together, we will select some of these and you will implement them on actual devices. The goal is to understand the practical end-to-end attack and to implement the corresponding logics.


You will document this research in notebooks using our reverse engineering platform, which will feed into the knowledge base we aim to enrich.


In summary:


  • Conduct a state-of-the-art review of vulnerabilities in IoT devices,
  • Practically implement reverse engineering techniques to lead to vulnerabilities,
  • Document your findings in notebooks that combine explanations and Python code.



You are the ideal candidate for us if...


  • You have developed a particular interest in:
  • Reverse engineering on IoT devices,
  • Developing in Python.
  • You have a strong knowledge of ARM architectures, assembly language, C programming, using IDA or Ghidra, debuggers.
  • You have participated in CTF (Capture The Flag) or other competitions.
  • You have a hacker mindset, are proactive, independent, and show initiative.
  • You are proficient in English.


We base our recruitment processes on skills and expertise, regardless of ethnic origin, age, or gender, and all our positions are open to people with disabilities.

Application deadline

Not given

Start date

As soon as possible

Job Category

Programming

More about the company