Hacking Bluetooth Firmware of WiFi Combo Chips in Smartphones

Bachelor Thesis, Master Thesis, Diploma Thesis, Practical Course

open


Type
Analysis: 6
Empiricism: 4
Implementation: 10
Literature Research: 5

Motivation

After reverse engineering the firmware of BCM4339 WiFi chips, we now intend to continue with the Bluetooth transceiver that is included in the chip. In this thesis, you will extract the Bluetooth firmware, analyze how it interacts with the WiFi core, and investigate how we can use it to perform attacks or extend the capabilities of Bluetooth in a smartphone.

Here are some references to our previous work:

[1] M. Schulz, D. Wegemer, and M. Hollick. DEMO: Using NexMon, the C-based WiFi firmware modification framework, Proceedings of the 9th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2016, July 2016.

[2] M. Schulz, D. Wegemer, and M. Hollick. NexMon: A Cookbook for Firmware Modifications on Smartphones to Enable Monitor Mode, CoRR, vol. abs/1601.07077, December 2015.


Supervisor:

Research Areas: Secure Mobile Networks





Contact

Prof. Dr.-Ing. Matthias Hollick

Technische Universität Darmstadt
Department of Computer Science
Secure Mobile Networking Lab 

Mornewegstr. 32 (S4/14)
64293 Darmstadt, Germany

Phone: +49 6151 16-25472
Fax: +49 6151 16-25471
office@seemoo.tu-darmstadt.de
