ARM TrustZone technology is widely deployed on modern devices. Current implementations of TrustZone divide the privilege into 4 levels (EL0 to EL3) and 2 worlds (secure and non-secure). Normal world kernel privilege only provides a non-secure-EL1 level of view,
many interesting details of the device are still hidden/encrypted in the secure world. Related researches in the past mainly focus on Trusted APP and Kernel. Though some of them managed to gain secure-EL0/EL1 privilege via exploits, very few have touched the field of EL3, especially on Android phones. Starting from non-secure EL1, this talk will take a deep dive into the EL3 implementation of a very popular Android phone. This subjects will include an overview of the relationship between EL3 and 2 worlds; attack surface analysis and the procedure of finding an exploitable vulnerability on this particular device; exploit to run shellcode under EL3 privilege step by step; and finally real-life examples on how powerful the EL3 privilege can be (such as biometric ID methods bypass).