Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

iPhone Baseband Research and Reversing - Security Insights and Techniques

Bugcrowd via YouTube

Overview

Explore iPhone baseband research and reversing techniques in this 48-minute conference talk from LevelUp 0x03. Dive into the intricacies of baseband technology in mobile Apple devices, focusing on 32-bit systems and Qualcomm firmware. Gain insights into baseband internals, research methodologies, and useful tools for analysis. Learn about firmware boot stages, code signatures, security measures, and certificate chains. Discover techniques for dumping and debugging SBL1, analyzing Sahara mode in SBL2, and identifying known vulnerabilities. Explore fuzzing methods for baseband, including log analysis and AT command fuzzing. Acquire valuable resources and understand future developments in this field of mobile security research.

Syllabus

Intro
WHY BASEBAND
WHAT IS BASEBAND
BASEBAND IN 32-BIT MOBILE APPLE DEVICES
BASEBAND FIRMWARE IN 32-BIT MOBILE APPLE DEVICES
QUALCOMM BASEBAND OPERATING SYSTEM
QUALCOMM FIRMWARE: BOOT STAGES
QUALCOMM FIRMWARE: CODE SIGNATURES
QUALCOMM FIRMWARE: PARSE AND LOAD SECURITY
QUALCOMM FIRMWARE: CERTIFICATE CHAIN
QUALCOMM FIRMWARE: AMSS
QUALCOMM FIRMWARE: OSBL
QUALCOMM DETAILS (IPHONE 5)
SBL1 DUMPING AND DEBUGGING FEATURES!!!
SBL2: SAHARA MODE DLOAD
ANALYZING FIRMWARE
KNOWN VULNERABILITIES IN BASEBAND FIRMWARE
FUZZING THE BASEBAND: LOGS
FUZZING THE BASEBAND: FUZZER
FUZZING AT COMMANDS
FUTURE DEVELOPMENTS
RESOURCES

Taught by

Bugcrowd

Reviews

Start your review of iPhone Baseband Research and Reversing - Security Insights and Techniques

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.