MoonshineMidnight
Here you can see in the video the following:
After the device is being rebooted from AFU modus, the attacker (XRY pro) enters fastboot mode directly in order to thwart the wasted app from erasing all the contents, now the phone is in fastboot mode but the RAM is not cleared yet (which makes this in theory a BFU 'hot' device).
[img]https://i.imgur.com/nmsquHw.png[/img]
Here you can see the RAM dump happening.
After the RAM dump is finished they start bruteforcing the password of the device bypassing the secure element of the pixel device (titan m)
[img]https://i.imgur.com/NqFd7xK.png[/img]
This shows the bruteforce processs.
The trick here what they use is the following:
They can bypass secure element by booting into the fastboot mode when the phone has been previously in AFU, after that they dump the RAM since the RAM hasn't been cleared yet and bruteforce the keys giving them a password.