Missing peripheral in QEMU? Adding it yourself is easier than you think.

We hit a wall analyzing CVE-2019-14192 on real Raspberry Pi 3B+ firmware, so we added the missing driver to #QEMU. Register by register, using U-Boot's own source as the spec.

🔗 http://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2

#QEMU #Cybersecurity #firmware #uboot

Time Travel Analysis with QEMU on IoT Targets: Not Always That Hard - Part II | eShard

Adding a missing USB Ethernet peripheral to QEMU to unlock Time Travel Debugging on unmodified Raspberry Pi 3B+ firmware.

@eshard Very clever write-up from @eshard team on adding a missing USB-Ethernet peripheral to QEMU (SMSC LAN9514) to enable Time Travel Analysis of CVE-2019-14192 on unmodified RPi 3B+ U-Boot firmware.

Using the U-Boot driver as the hardware spec is such an elegant trick. Sparked some ideas for things I'm working on. Thanks for sharing it!

https://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2