Recon2012 - PREVIEW
Recon 2012
| Speakers | |
|---|---|
| Ralf-Philipp Weinmann | |
| Schedule | |
|---|---|
| Day | Day 2 - 2012-06-15 |
| Room | Grand Salon |
| Start time | 15:30 |
| Duration | 01:00 |
| Info | |
| ID | 242 |
Debugging Baseband Stacks
Software stacks for cellular communication standards are complex beasts. In the past, I presented work on memory corruption vulnerabilities in said software stacks that were found using reverse engineering of the firmware image and subsequent static analysis.
However, this is a really time-consuming technique. Moreover, not having a debugger but only the option of obtaining memory snapshots makes development of exploits time-consuming. In this talk I will look at and demonstrate the available options to debug code on the baseband processor -- both software-oriented and using additional hardware.
A port of Guillaume Delugre's qcombbdbg to OKL4 hosted QCOM baseband stacks will be shown [hopefully I will have the remaining bugs fixed by then so I can also release it at REcon].