QEMU For Fuzz and Profit: Emulation and Fuzzing Techniques

  Saturday, 24 February

  90 mins

ABSTRACT

The workshop will showcase the QEMU Course, were we move among different architectures and harnesses. We will show famous tools such as American Fuzzy Lop (AFL) and its improved version, AFL++. You’ll learn how to combine these powerful tools to create your own emulation and fuzzing environment and then use it to discover vulnerabilities in various systems, such as iOS, Android, and Samsung’s Mobile Baseband software, Shannon.

DESCRIPTION

Workshop Highlights:

• Setting the Stage: Get acquainted with the prerequisites and tools vital to grasp the nuances of this workshop, ensuring you can make the most of the content ahead.
• Journey Through Time: Embark on a historical exploration of emulation, understanding its evolution, nuances, and its paramount role in the ever-evolving landscape of cybersecurity.
• QEMU - The Emulator Spotlight: Get an in-depth understanding of QEMU - our system emulator of choice, learning about its internals, capabilities, and previous success stories.
• Fuzzing with QEMU: Dive into the intricacies of QEMU's execution modes and the dynamic world of fuzzing. Understand static versus dynamic fuzzing and their practical applications.

Case Studies Galore:

• Relive the discovery of a 2011 vulnerability in VLC through the synergy of QEMU and AFL.
• Understand the real-world implications with a look into the vulnerability found in modern Samsung phones.
• Venture into full-system fuzzing with studies on OpenWRT, diving into nuances when targeting different architectures such as ARM.
• Witness the marvel of iOS full-system fuzzing, understanding the unique challenges and solutions involved.
• Explore the world of Android libraries and their vulnerabilities, leveraging the open-source project Sloth.

Concluding Thoughts: Summarize the wealth of knowledge, emphasizing the significance of the research and future directions in this critical domain of cybersecurity.

This workshop promises a holistic understanding, from basics to advanced techniques, ensuring participants can apply these insights to real-world challenges. Whether you're a novice in cybersecurity or a seasoned practitioner, this session has something valuable for everyone. Join us in this engaging journey, drawing from the extensive research and practical examples from Fuzzing Against the Machine.