0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Fuzzing Against the Machine

You're reading from Fuzzing Against the Machine Automate vulnerability research with emulated IoT devices on QEMU

Product type Paperback

Published in May 2023

Publisher Packt

ISBN-13 9781804614976

Length 238 pages

Edition 1st Edition

Languages

Assembly

Tools

Qemu

Concepts

Cybersecurity

Authors (3):

Antonio Nappa

Eduardo Blázquez

Eduardo Blazquez

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Foundations

2. Chapter 1: Who This Book is For FREE CHAPTER

3. Chapter 2: History of Emulation

4. Chapter 3: QEMU From the Ground

5. Part 2: Emulation and Fuzzing

6. Chapter 4: QEMU Execution Modes and Fuzzing

7. Chapter 5: A Famous Refrain: AFL + QEMU = CVEs

8. Chapter 6: Modifying QEMU for Basic Instrumentation

9. Part 3: Advanced Concepts

10. Chapter 7: Real-Life Case Study: Samsung Exynos Baseband

11. Chapter 8: Case Study: OpenWrt Full-System Fuzzing

12. Chapter 9: Case Study: OpenWrt System Fuzzing for ARM

13. Chapter 10: Finally Here: iOS Full System Fuzzing

14. Chapter 11: Deus Ex Machina: Fuzzing Android Libraries

15. Chapter 12: Conclusion and Final Remarks

16. Index

Why subscribe?

17. Other Books You May Enjoy

Summary

In this chapter, we have surely gone beyond expectations. We have taken an obscure, poorly documented architecture and, thanks to the efforts of many expert people and some of our expertise, we have set up a full-system fuzzer for Apple’s iOS.

The skill set we have learned in this chapter are the final steps toward creating a full-system emulation. These skills involve creating a way to send AFL input to an emulated system, using functions such as dup2() to establish communication channels. We also learned how to create a way to stop a VM and retrieve input using hypercalls and free interrupt handlers to capture relevant information. Additionally, we utilized an interface to enumerate all the system calls and tested them through a loop, employing techniques such as the __syscall assembly trick. Finally, we learned how to put everything together in an unknown and closed source architecture, integrating the various components and techniques to emulate the system effectively...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Antonio Nappa

Antonio Nappa

Antonio Nappa is an Application Analysis Team Leader at Zimperium Inc. He has been in the cybersecurity game since 17 years old. He holds a PhD in Software and Systems from the Madrid Institute of Advanced Studies. He has been a visiting scholar at UC Berkeley. His contributions have been published and recognized in international peer-reviewed venues. Since the DEFCON 2008 Finals, he never goes to sleep with a segfault.

See other products by Antonio Nappa

Eduardo Blázquez

Eduardo Blázquez

Eduardo Blázquez is a PhD student of the University Carlos III of Madrid. He has been working in the cybersecurity area since 2017, with interests in Reverse Engineering and Malware Analysis. Currently, he is doing a PhD thesis about Android Security, but in his spare time he likes to study different topics like program analysis or operating system internals, and from time to time he likes to play different wargames about software exploitation.

See other products by Eduardo Blázquez

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m