0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Fuzzing Against the Machine

You're reading from Fuzzing Against the Machine Automate vulnerability research with emulated IoT devices on QEMU

Product type Paperback

Published in May 2023

Publisher Packt

ISBN-13 9781804614976

Length 238 pages

Edition 1st Edition

Languages

Assembly

Tools

Qemu

Concepts

Cybersecurity

Authors (3):

Antonio Nappa

Eduardo Blázquez

Eduardo Blazquez

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Foundations

2. Chapter 1: Who This Book is For FREE CHAPTER

3. Chapter 2: History of Emulation

4. Chapter 3: QEMU From the Ground

5. Part 2: Emulation and Fuzzing

6. Chapter 4: QEMU Execution Modes and Fuzzing

7. Chapter 5: A Famous Refrain: AFL + QEMU = CVEs

8. Chapter 6: Modifying QEMU for Basic Instrumentation

9. Part 3: Advanced Concepts

10. Chapter 7: Real-Life Case Study: Samsung Exynos Baseband

11. Chapter 8: Case Study: OpenWrt Full-System Fuzzing

12. Chapter 9: Case Study: OpenWrt System Fuzzing for ARM

13. Chapter 10: Finally Here: iOS Full System Fuzzing

14. Chapter 11: Deus Ex Machina: Fuzzing Android Libraries

15. Chapter 12: Conclusion and Final Remarks

16. Index

Why subscribe?

17. Other Books You May Enjoy

QEMU extensions and mods

To many average users, dealing with C code is often very hard, time-consuming, and ultimately, not productive. Nonetheless, the emergence of executing some custom firmware and understanding its structure while running (that is, dynamic analysis) arose when the IoT era began. Indeed, it has become very difficult to debug code running into an embedded device such as a router or a baseband chip inside a mobile phone. Luckily, researchers, both in industry and academia, have developed very powerful frameworks to help experts use QEMU as an abstraction layer, without dealing much with its internals, and to analyze what is running through the firmware code by use of a Python interface. This process of decoupling and abstraction is extremely difficult and of course, some knowledge is always required and welcome. Some examples are Avatar and Avatar2, TriForceAFL, and PANDA.

A brief example of Avatar2

It was in 2014 when Jonas Zaddach presented the first version...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Antonio Nappa

Antonio Nappa

Antonio Nappa is an Application Analysis Team Leader at Zimperium Inc. He has been in the cybersecurity game since 17 years old. He holds a PhD in Software and Systems from the Madrid Institute of Advanced Studies. He has been a visiting scholar at UC Berkeley. His contributions have been published and recognized in international peer-reviewed venues. Since the DEFCON 2008 Finals, he never goes to sleep with a segfault.

See other products by Antonio Nappa

Eduardo Blázquez

Eduardo Blázquez

Eduardo Blázquez is a PhD student of the University Carlos III of Madrid. He has been working in the cybersecurity area since 2017, with interests in Reverse Engineering and Malware Analysis. Currently, he is doing a PhD thesis about Android Security, but in his spare time he likes to study different topics like program analysis or operating system internals, and from time to time he likes to play different wargames about software exploitation.

See other products by Eduardo Blázquez

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m