Ralf-Philipp Weinmann
Day 2 - 2012-06-15
Debugging Baseband Stacks

Software stacks for cellular communication standards are complex beasts. In the past, I presented work on memory corruption vulnerabilities in said software stacks that were found using reverse engineering of the firmware image and subsequent static analysis.

However, this is a really time-consuming technique. Moreover, not having a debugger but only the option of obtaining memory snapshots makes development of exploits time-consuming. In this talk I will look at and demonstrate the available options to debug code on the baseband processor -- both software-oriented and using additional hardware.

A port of Guillaume Delugre's qcombbdbg to OKL4 hosted QCOM baseband stacks will be shown [hopefully I will have the remaining bugs fixed by then so I can also release it at REcon].