#Hacktivity2022 скачать в хорошем качестве

#Hacktivity2022

Our work has two main contributions: First, we developed a framework that can be used to emulate and fuzz TAs in OP-TEE, a popular, open and protable TEE implementation. Second, we developed a method to overcome difficulties of fuzzing applications that take their inputs from shared memory. Our work was inspired by a previous Hacktivity talk, where it was shown that emulators can be used to execute TAs and it is possible to connect such an emulator with a fuzzer. We extended this work to a degree that allows for emulating real-world TAs in OP-TEE that extensively use library functions and services provided by the trusted OS. We demonstarte the usage of our framework by fuzzing a security critical TA that we developed for the purpose of rootkit detection on embedded devices. This TA inspects the memory snapshot of the rich OS (which is Linux in our case), and tries to find anomalies in kernel data structures that could be caused by the presence of a rootkit. We fuzz this TA by providing input to it via its memory read function. However, in order to minimize the amount of irrelevant inputs, we developed a custom input mutation method that takes into account prior knowledge about the kernel data structures expected by tested TA. https://www.hacktivity.com