YoVDO

How to Find Bugs in USB Device Drivers

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Software Development Courses Cybersecurity Courses Virtualization Courses USB Security Courses Kernel Vulnerabilities Courses

Course Description

Overview

Explore the vulnerabilities in USB device drivers through this Black Hat conference talk. Delve into the development of the vUSBf framework, a virtual USB fuzzer based on KVM and QEMU's USB redirection protocol. Learn how this innovative tool enables the execution of up to 150 tests per second on a single Intel system, significantly accelerating the bug detection process. Discover the types of bugs uncovered in Enterprise Linux kernels and current Linux kernels, including null-pointer dereferences, kernel panics, and segfaults. Gain insights into the framework's architecture, its ability to define millions of test cases using XML configuration, and its potential for scaling through a built-in cluster protocol. Understand the implications of these findings for USB security and the importance of systematic analysis in identifying vulnerabilities in hardware-specific drivers.

Syllabus

Intro
Why USB
History of USB
Impact of USB
Black Hat Las Vegas
Linux
Virtualisation
Architecture
Fuzzing
Export Sequences
Are we faster
Faster fuzzing
Demo
Archive
Results
Outro


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube