Fuzzing Against the Machine

Automate vulnerability research with emulated IoT devices on QEMU

By: Antonio Nappa, Eduardo Blazquez, Nikias Bassen, Dr. Javier Lopez-Gomez

eText | 19 May 2023 | Edition Number 1

Find security flaws effectively in any architecture through emulation and fuzzing with Qemu and AFL

Key Features

  • Understand the vulnerability landscape and the useful tools such as Qemu and AFL
  • Explore use cases to find vulnerabilities and execute unknown firmware
  • Learn to create your own firmware emulation and fuzzing environment to discover vulnerabilities

Book Description

Emulation and fuzzing are amongst the many techniques that are in use for cybersecurity, but how to use these techniques?

Fuzzing Against the Machine is a hands-on guide that takes you through the "how" of these powerful tools and techniques. Using a variety of real-world use cases and practical examples, you'll be taken from an overview of the fundamental concepts of fuzzing and emulation to advanced vulnerability research, giving you the tools and skills you need to find the security flaws in your software.

This book starts with an introduction to Qemu, a tool that allows you to run software for whatever architecture you can think of, and to American fuzzy lop (AFL) and its improved version AFL++, two well-known free and open source fuzzing engines. You'll combine these powerful tools to create your own emulation and fuzzing environment and then use it to discover vulnerabilities in systems such as iOS, Android, and Samsung's mobile baseband software, Shannon. Once you've read the introductions and set up your environment, you will have the flexibility to dive into whichever chapter you want, although the chapters get steadily more advanced as the book progresses.

By the end of the book, you'll have the skills, knowledge, and practice required to find the flaws in any firmware by emulating and fuzzing it with Qemu and several fuzzing engines.

What you will learn

  • Understand the differences between emulation and virtualization
  • Discover the importance of emulation and fuzzing in cybersecurity
  • Learn to fuzz an entire operating system
  • Discover how to inject a fuzzer into proprietary firmware
  • Compare static and dynamic fuzzing
  • Explore combining Qemu with AFL and AFL++
  • Fuzz peripherals such as modems
  • Learn to find vulnerabilities in Osmocon

Who This Book Is For

This book is for security researchers, security professionals, embedded firmware engineers, and embedded software professionals. It is also a useful resource for learners interested in emulation, and for software engineers interested in vulnerability research and exploitation, software testing, and embedded software development. General knowledge of programming (preferably C and Python) and operating systems (Linux, macOS), along with familiarity with the Linux shell, compilation, and debugging, is expected.

Table of Contents

  1. Who this book is for
  2. History of emulation
  3. Qemu from the ground
  4. Qemu Execution Modes and Fuzzing
  5. A Famous Refrain: AFL+QEMU = CVEs
  6. Modifying QEMU for basic instrumentation
  7. Real-life Case Study: Samsung Exynos Baseband
  8. Case Study: OpenWRT full system fuzzing
  9. Case Study: OpenWRT System Fuzzing for ARM
  10. Finally Here: iOS Full System Fuzzing
  11. Deus Ex Machina: Fuzzing Android Libraries
  12. Conclusion and Final Remarks