iPhone Baseband Research and Reversing - Security Insights and Techniques
Offered By: Bugcrowd via YouTube
Course Description
Overview
Explore iPhone baseband research and reversing techniques in this 48-minute conference talk from LevelUp 0x03. Dive into the intricacies of baseband technology in mobile Apple devices, focusing on 32-bit systems and Qualcomm firmware. Gain insights into baseband internals, research methodologies, and useful tools for analysis. Learn about firmware boot stages, code signatures, security measures, and certificate chains. Discover techniques for dumping and debugging SBL1, analyzing Sahara mode in SBL2, and identifying known vulnerabilities. Explore fuzzing methods for baseband, including log analysis and AT command fuzzing. Acquire valuable resources and understand future developments in this field of mobile security research.
Syllabus
Intro
WHY BASEBAND
WHAT IS BASEBAND
BASEBAND IN 32-BIT MOBILE APPLE DEVICES
BASEBAND FIRMWARE IN 32-BIT MOBILE APPLE DEVICES
QUALCOMM BASEBAND OPERATING SYSTEM
QUALCOMM FIRMWARE: BOOT STAGES
QUALCOMM FIRMWARE: CODE SIGNATURES
QUALCOMM FIRMWARE: PARSE AND LOAD SECURITY
QUALCOMM FIRMWARE: CERTIFICATE CHAIN
QUALCOMM FIRMWARE: AMSS
QUALCOMM FIRMWARE: OSBL
QUALCOMM DETAILS (IPHONE 5)
SBL1 DUMPING AND DEBUGGING FEATURES!!!
SBL2: SAHARA MODE DLOAD
ANALYZING FIRMWARE
KNOWN VULNERABILITIES IN BASEBAND FIRMWARE
FUZZING THE BASEBAND: LOGS
FUZZING THE BASEBAND: FUZZER
FUZZING AT COMMANDS
FUTURE DEVELOPMENTS
RESOURCES
Taught by
Bugcrowd
Related Courses
Siglent SSA3032X Spectrum Analyzer Review and ExperimentsAfrotechmods via YouTube Owning the Smart Home with Logitech Harmony Hub
Security BSides San Francisco via YouTube Malware Detection and Firmware Analysis Lab
Bill Buchanan OBE via YouTube Live Breaking into Encrypted 3D Printer Firmware
Hackaday via YouTube Debugging Electronics - You Can’t Handle the Ground Truth!
Hackaday via YouTube