
Fuzzing Against the Machine: Automate Vulnerability Research with Emulated IoT Devices on QEMU


Price: $35.99 (as of May 20, 2023 19:23:54 UTC)


If you want to find security flaws in software built for any CPU architecture, this book is for you. Emulation and fuzzing are powerful techniques for improving software security, but getting the most out of them is not easy. Fuzzing Against the Machine is a practical guide to both: it covers the fundamental concepts of fuzzing and emulation as well as advanced vulnerability research skills. Using real-world use cases and practical examples, it gives you the tools and skills you need to find security flaws in the software you are testing.

Begin by learning about two open-source tools: QEMU, an emulator that lets you run software built for other CPU architectures on your own machine, and the fuzzer American Fuzzy Lop (AFL) together with its actively maintained successor, AFL++. The book shows you how to combine them into your own emulation and fuzzing environment and then use it to discover vulnerabilities in systems such as iOS, Android and Shannon, Samsung's mobile baseband software. Although you can dive into whichever chapter you want, the book progresses gradually to more advanced topics.

By the end of this book, you will have the skills, knowledge and practice required to use QEMU and several fuzzing engines to emulate firmware for a range of architectures and find flaws in it.

Key Features

  • Understand the vulnerability landscape and useful tools such as QEMU and AFL
  • Explore use cases to find vulnerabilities and execute unknown firmware
  • Create your own firmware emulation and fuzzing environment to discover vulnerabilities

What You Will Learn

  • Understand the difference between emulation and virtualization
  • Discover the importance of emulation and fuzzing in cybersecurity
  • Fuzz an entire operating system and inject a fuzzer into proprietary firmware
  • Know the difference between static and dynamic fuzzing
  • Combine QEMU with AFL and AFL++
  • Fuzz peripherals such as modems
  • Identify vulnerabilities in OpenWrt
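The mechanism behind "Combine QEMU with AFL and AFL++" is small enough to show in working code: the emulator logs every basic-block transition into a coverage map, and the fuzzer keeps only those mutants that reach an edge no earlier run has touched. The following Python model is an added illustration, not code from the book, from AFL++ or from QEMU. It emulates a constructed four-instruction "firmware" on an invented toy VM instrumented the way AFL's QEMU mode instruments translated blocks (count edge cur_loc ^ prev_loc, then prev_loc = cur_loc >> 1), and drives it with a deterministic byte-substitution stage. PROGRAM, the instruction names and the block-id hash are all assumptions made for the example.

```python
"""Toy model of AFL-style coverage-guided fuzzing over an instrumented emulator."""

MAP_SIZE = 1 << 16  # AFL's default coverage-map size; edge ids are masked into it

# Constructed target: a tiny "firmware" for an invented VM. It compares four
# magic bytes one at a time and faults only when all four match.
# Instruction forms: ("CMPB", offset, expected, jump_if_mismatch) | ("CRASH",) | ("EXIT",)
PROGRAM = [
    ("CMPB", 0, ord("F"), 5),  # 0: if in[0] != 'F' goto 5
    ("CMPB", 1, ord("U"), 5),  # 1: if in[1] != 'U' goto 5
    ("CMPB", 2, ord("Z"), 5),  # 2: if in[2] != 'Z' goto 5
    ("CMPB", 3, ord("Z"), 5),  # 3: if in[3] != 'Z' goto 5
    ("CRASH",),                # 4: reached only by inputs starting "FUZZ"
    ("EXIT",),                 # 5: benign exit
]


def run_instrumented(data: bytes, program=PROGRAM):
    """Emulate `program` on `data` and return (coverage, crashed).

    Coverage is collected the way AFL's QEMU mode does it: every basic-block
    entry computes an edge id cur_loc ^ prev_loc, bumps a hit counter for it,
    and sets prev_loc = cur_loc >> 1 so that A->B and B->A stay distinct.
    AFL keeps these counters in a shared 64 KiB bitmap; a dict of the
    non-zero entries is equivalent for this model.
    """
    coverage = {}
    prev_loc = 0
    pc = 0
    while True:
        cur_loc = (pc * 0x9E3779B1) & (MAP_SIZE - 1)  # stable per-block id (assumed hash)
        edge = cur_loc ^ prev_loc
        coverage[edge] = min(255, coverage.get(edge, 0) + 1)
        prev_loc = cur_loc >> 1
        ins = program[pc]
        if ins[0] == "EXIT":
            return coverage, False
        if ins[0] == "CRASH":
            return coverage, True
        _, off, want, target = ins
        byte = data[off] if off < len(data) else -1  # short input counts as a mismatch
        pc = pc + 1 if byte == want else target


def fuzz(seed: bytes):
    """Coverage-guided loop in the spirit of AFL's deterministic stage.

    Each queued input is mutated once by trying every byte value at every
    offset; a mutant is queued only if it reached an edge no earlier run has
    touched. Returns (crashing_input, executions) or (None, executions).
    Blind fuzzing would need on the order of 2**32 tries to hit a 4-byte
    magic value; the coverage signal lets the fuzzer solve it one byte at a time.
    """
    virgin = set()  # edge ids seen so far (the inverse of AFL's virgin_bits)
    queue = [seed]
    execs = 0

    coverage, crashed = run_instrumented(seed)
    execs += 1
    if crashed:
        return seed, execs
    virgin.update(coverage)

    i = 0
    while i < len(queue):
        parent = queue[i]
        i += 1
        for pos in range(len(parent)):
            for val in range(256):
                child = parent[:pos] + bytes([val]) + parent[pos + 1:]
                coverage, crashed = run_instrumented(child)
                execs += 1
                if crashed:
                    return child, execs
                if not set(coverage) <= virgin:  # touched a new edge: keep it
                    virgin.update(coverage)
                    queue.append(child)
    return None, execs


if __name__ == "__main__":
    found, execs = fuzz(b"aaaa")
    print(f"crash input {found!r} after {execs} executions")
```

Running it from a seed of four `a` bytes reaches the crash in a few thousand executions, because each correct magic byte opens a new edge (block 0 to 1, 1 to 2, and so on) that the previous input never took, and the queue grows one byte at a time. Real AFL++ QEMU mode does the same bookkeeping inside the translated-block chain, with the counters living in shared memory that the fuzzer process reads after each run.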

Who This Book Is For

This book is aimed at security researchers, security professionals, embedded firmware engineers and embedded software professionals. Software engineers interested in emulation, vulnerability research and exploitation, software testing or embedded software development will also find it useful. It assumes basic knowledge of programming (C and Python), operating systems (Linux and macOS), and the Linux shell, compilation and debugging.

Table of Contents

  • Who This Book Is For
  • History of Emulation
  • QEMU from the Ground
  • QEMU Execution Modes and Fuzzing
  • A Famous Refrain: AFL + QEMU = CVEs
  • Modifying QEMU for Basic Instrumentation
  • Real-Life Case Study: Samsung Exynos Baseband
  • Case Study: OpenWrt Full-System Fuzzing
  • Case Study: OpenWrt System Fuzzing for ARM
  • Finally Here: iOS Full System Fuzzing
  • Deus Ex Machina: Fuzzing Android Libraries
  • Conclusion and Final Remarks

Publisher: Packt Publishing (May 19, 2023)
Language: English
Paperback: 238 pages
ISBN-10: 1804614971
ISBN-13: 978-1804614976
Item Weight: 3.53 ounces
Dimensions: 7.5 x 0.54 x 9.25 inches
