Felipe Custodio Romero
Felipe Custodio Romero (@_localo_) is a vulnerability researcher at Neodyme, obsessed with finding weaknesses in all sorts of systems. Whether he's exploiting game clients like Counter-Strike, compromising IoT devices (such as printers and routers at Pwn2Own), or digging into low-level bootroms, Felipe's interests are broad and deep. Beyond his research, he's dedicated to forming the next generation of security professionals by organising CTFs like the CSCG, providing a platform for newcomers to explore IT security and allowing existing talents to sharpen their abilities. Much of his practical experience was gained by participating in numerous CTFs with teams ALLES! and FluxFingers.
Session
This presentation will provide an in-depth look at a legacy version of Widevine L3, Google's software-based Digital Rights Management (DRM) system. Despite its widespread use in streaming services, often for low-definition content where its software-only nature is deemed sufficient protection, Widevine L3 has faced numerous public compromises. We will demonstrate how partial emulation can be practically applied to perform Differential Fault Analysis (DFA), breaking the system's root of trust. The talk will conclude with a detailed walkthrough of deobfuscating the Widevine L3 codebase to enable the generation of custom keyboxes.