tags:emulationandroidbasebandfuzzing original link: SIMurai: Slicing Through the Complexity of SIM Card Security Research newsletter link: exploits.club Weekly Newsletter 35 - NPU exploits, Phrack 71, 2014 Tablet Hacks, and More
Exploits Club Summary:
A new paper from @nSinusR et al asks the question what if a malicious SIM card was a valid attack surface? The paper centers around the release of the teamâs new tool, SIMurai, a âversatile software SIM implementation that can be integrated into various environments for advanced testing and development.â It starts by describing the toolâs design and how it implements various technical aspects of the specification. It then jumps into the juicy security research aspects, walking through several threat models and the associated potential attacks. Of note, the team ran a fuzzing campaign against baseband firmware, and identified two high severity vulnerabilities.