The summary of ‘Thunderspy PoC demo 1: Unlocking Windows PC in 5 minutes’

This summary of the video was created by an AI. It might contain some inaccuracies.

00:00:0000:05:52

The YouTube video demonstrates how to bypass Thunderbolt security on a Lenovo P1 laptop by altering the firmware data using an SPI programmer called Bus Pirate and a tool called "flashrom." By modifying the Thunderbolt controller's security level, the presenter disables security measures. Additionally, a custom firmware is programmed using flashrom, and a Thunderbolt-based attacker device along with PCILeech tool is utilized to facilitate bypassing the Windows lockscreen without requiring a password input.

00:00:00

In this part of the video, the presenter demonstrates how to bypass Thunderbolt security on a Lenovo P1 laptop by accessing the SPI flash using an SPI programmer called Bus Pirate. They use a tool called “flashrom” to extract the firmware data, modify the Thunderbolt controller’s security level from SL1 to SL0 (disabling all security), and then write the modified firmware back to the SPI flash.

00:03:00

In this part of the video, the process involves programming the SPI flash with custom firmware using flashrom. The SPI programmer is detached, and the backplate is put back onto the laptop. A Thunderbolt-based attacker device is then attached to the laptop. The device is used along with a tool called PCILeech to load a kernel module into the laptop’s memory, allowing for bypassing the Windows lockscreen without entering a password successfully.

Scroll to Top