TWRP 2.8.3.0 Available for Supported Devices

The TeamWin Recovery Project (or TWRP, for short) has quickly become one of the most popular … more

Easily Generate and Export Material Design Palletes

For many people, it can be pretty difficult to create a palette of complementary colors. … more

Android One Expanding to Bangladesh, Nepal, and Sri Lanka

At Google I/O 2013, Google proudly announced that the Android operating system was … more

Android 5.0.2 Fixes 2012 Nexus 7! Sony’s Making a Google Glass Competitor? – XDA TV

Android 5.0.2 Lollipop is available for the … more

Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

Qualcomm Hexagon Disassembler?

OP E:V:A

5th January 2014, 08:39 PM   |  #1  
E:V:A's Avatar
OP Recognized Developer
Flag -∇ϕ
Thanks Meter: 1,900
 
1,381 posts
Join Date:Joined: Dec 2011
Anyone Interested?

As our mobile devices are getting more and more locked-up and harder to maintain, it's is surprising that so little effort has been done in vulnerability research of the Qualcomm Hexagon DSP's. After all, these beasts have been roaming around freely in our phone cores for nearly 8 years already. (In all Snapdragons since 2006). But very few, to none of our security experts have had a good look at what's hiding inside.

So what I propose, is that we start an effort to build an Open Source Hexagon Disassembler for public security research of mobile baseband firmware.

The only effort I know of to this date is that made by Jan Willem Hengeveld (itsme), who wrote an IDA module (here) to the best of his abilities. I don't know what is the current status of that today, but the IDA Hexagon module is now hosted at Github HERE by Ralf-Philipp Weinmann (rpw), who reverse engineered parts of the baseband (shown in THIS video) and recently helped expose the insecurity of TOR hidden-services.

I'm not going to answer why this is important at this point, but I'd rather like to know more about what mobile developers in the security field think about this. Highly technical talk is welcome and preferred.

If you have any additional information on how to do this, or what would be required, please chime in!
Last edited by E:V:A; 13th January 2014 at 01:45 PM.
The Following User Says Thank You to E:V:A For This Useful Post: [ View ]
10th February 2014, 08:31 PM   |  #2  
SecUpwN's Avatar
Senior Member
Flag CLASSIFIED
Thanks Meter: 597
 
1,949 posts
Join Date:Joined: Jun 2012
Donate to Me
More
Quote:
Originally Posted by E:V:A

Anyone Interested?
If you have any additional information on how to do this, or what would be required, please chime in!

PUSH! I recommend you to have a chit-chat with developer @c0rnholio, who developed the awesome HushSMS.
19th February 2014, 11:25 PM   |  #3  
Junior Member
Thanks Meter: 0
 
14 posts
Join Date:Joined: Nov 2013
More
That is very interesting topic. I think it will be hard to disassemble the modem/baseband DSP, but it will be easier accessing the multimedia DSP which is open for user programming. There is even a linux project running on hexagon cores
Post Reply Subscribe to Thread

Tags
baseband, disassembler, hexagon, ida, reverse
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes