Presented at
REcon 2019,
June 30, 2019, 3:30 p.m.
(30 minutes).
What will happen if you'd find a remotely exploitable vulnerability in one of your peripherals?
What would happen if it would be in one of your most crucial communication processors your device has?
Baseband research merely has a high entry barrier that keeps out all but the most well funded organizations.
While baseband analysis remains one of the least well-explored in the public domain, many researchers don’t know that it is not rocket science.
Even though the baseband is not well explored, some vulns, exploitable by the air were found and patched, these will be examined and explained.
In this talk I will show my methods and experience with reverse engineering
and root causing several vulnerabilities which were reported by various researchers and patched in the past year.
This is a continuation talk from my last year's talk, "From 0 to Infinity", that I presented in SyScan360 et al,
I'll be talking about the remote protocols the Baseband has, my personal experience with reverse engineering, tinkering and finding bugs.
Finally, I'll show one bug that was burned in last year.
This is mostly a methodolodgy rather than "Open IDA, *Browse 5 minutes*, Dang - here is the bug"
Presenters:
-
Guy
Guy,(@shiftreduce), is a Freelance Security Researcher mostly interested in Low Level Research.
While he's not reversing embedded stuff, he usually plays Zelda BOTW, Super Smash Bros Ultimate.
Links:
Similar Presentations: