The Baseband Processor in modern Cellphones remains one of the least understood elements, yet is incredibly trusted in order to interact with the Cellular Network as well as with the Application Processor.
This talk aims to shed some light on these dark corner, and provide advice for other reverse engineers trying to explore this area.
This talk focuses on Apple's iPhone Platform, since their recent move back to the Infineon chipset makes research a lot easier, compared to the previous dominating Hexagon chipset.
I will start by describing the preliminary firmware analysis, during which I created rudimentary map of its different parts and their respective role.I will proceed revealing the secrets hidden inside the Baseband. I will conclude by presenting a research environment that I have developed that great simplifies the process of diffing, interacting and fuzzing the Infineon SoC.Side note: Not dropping any 0days, this is a methodology and process talk. A bit late, it took a while to write, (with the help of a few friends),the abstract.