Figure 1 - uploaded by Dominik Maier
Content may be subject to copyright.
Source publication
Rogue base stations are an effective attack vector. Cellular basebands represent a critical part of the smartphone's security: they parse large amounts of data even before authentication. They can, therefore, grant an attacker a very stealthy way to gather information about calls placed and even to escalate to the main operating system, over-the-ai...
Contexts in source publication
Context 1
... this section, we discuss the BaseSAFE API. Unicorn is extended with an AFL-specific API to enable easy fuzzing, and an extra API to hook the operating system's heap sanitizer. A high-level overview of the BaseSAFE procedure is depicted in Fig. 1. The API of BaseSAFE goes beyond previous emulators, such as AFL Unicorn by Voss [56] which did not offer interactions with AFL. Interactions with AFL are required to kick off the fast persistent mode, but simply always started fuzzing after the first instruction. As execution left the emulator after the first instruction to read AFL ...
Context 2
... this section, we discuss the BaseSAFE API. Unicorn is extended with an AFL-specific API to enable easy fuzzing, and an extra API to hook the operating system's heap sanitizer. A high-level overview of the BaseSAFE procedure is depicted in Fig. 1. The API of BaseSAFE goes beyond previous emulators, such as AFL Unicorn by Voss [56] which did not offer interactions with AFL. Interactions with AFL are required to kick off the fast persistent mode, but simply always started fuzzing after the first instruction. As execution left the emulator after the first instruction to read AFL ...