FirmWire

IoT 9个月前 admin
338 0 0
              ___            __      __                         
-.     .-.   | __|(+) _ _ _ _\ \    / /(+) _ _ ___    .-.     .-
  \   /   \  | _|  | | '_| '  \ \/\/ /  | | '_/ -_)  /   \   /  
   '-'     '-|_|   | |_| |_|_|_\_/\_/   | |_| \___|-'     '-'   
             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~             

FirmWire

FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See the FirmWire documentation to get started!

Experiments & Missing Parts?

Upon a vendor's request, the current public release of FirmWire is a preview version omitting some of the functionality described in the paper. We will publish the full version and automated scripts to replicate our experiments during NDSS'22 (April 24th-28th).

BibTeX

FirmWireFirmWire is the result of a multi-year, cross university research effort. See the paper for more details.

If you are using FirmWire in an academic paper please use this to cite it:

@inproceedings{hernandez_firmwire_2022,
  title = {{FirmWire: Transparent Dynamic Analysis for Cellular Baseband Firmware}},
  shorttitle = {{FirmWire}},
  booktitle = {{ Symposium on Network and Distributed System Security (NDSS) }},
  author = {Hernandez, Grant and Muench, Marius and Maier, Dominik and Milburn, Alyssa and Park, Shinjo and Scharnowski, Tobias and Tucker, Tyler and Traynor, Patrick and Butler, Kevin R. B.},
  year = {2022}
}

FirmWire's License

FirmWire is licensed under BSD-3 and developed by "Team FirmWire", which currently consists of the authors on the NDSS paper unless stated otherwise. We expect FirmWire to be used for commercial purposes (e.g. private baseband vulnerability research, bug bounties, etc.). The license permits this. We (Team FirmWire) request that users in these settings notify us through public (e.g. issues) or private (e.g. email, Signal) means about your use. We are curious! If FirmWire or derived work helped you find a vulnerability, we'd also like to know in order to add it to the FirmWire trophy wall. Finally, one or more members of Team FirmWire may be willing to provide consulting services such as trainings, custom extensions to FirmWire, advice, and the like. Please reach out if interested.

 

 

原文始发于Github:FirmWire

版权声明:admin 发表于 2022年3月14日 下午1:24。
转载请注明:FirmWire | CTF导航

相关文章

暂无评论

暂无评论...