Overview
Syllabus
Intro
WHAT PREVENTS OFF-DEVICE DYNAMIC ANALYSIS (IN EMULATOR)?
SUPERFICIALLY DEPENDENT PATHS: EXAMPLE, MSM_ISP DRIVER FROM MSM KERNEL
SUPERFICIALLY DEPENDENT PATHS: EXAMPLE, MSM_ISP DRIVER FROM MSM KERNEL
HOW KERNEL MANAGES DEVICES: DEVICE TREES
HARDWARE DEPENDENCIES: MISSING PERIPHERAL
SOFTWARE DEPENDENCIES 1: FUNCTION STUBS
STRUCTURE LAYOUTS
TESTING KNOWN CVEs WITH EVASION KERNEL (HYPOTHESIS 1)
INITIALIZING ALIEN DRIVERS (HYPOTHESIS 2)
USER-SPACE FUZZING
IOCTL COMPLEX FORMAT
RECOVERING IOCTLs
FUZZING RESULTS
CONCLUSION
Taught by
IEEE Symposium on Security and Privacy