-
A forensic analysis of the Google Home: repairing compressed data without error correction
Authors:
Hadrien Barral,
Georges-Axel Jaloyan,
Fabien Thomas-Brans,
Matthieu Regnery,
Rémi Géraud-Stewart,
Thibaut Heckmann,
Thomas Souvignet,
David Naccache
Abstract:
This paper provides a detailed explanation of the steps taken to extract and repair a Google Home's internal data. Starting with reverse engineering the hardware of a commercial off-the-shelf Google Home, internal data is then extracted by desoldering and dumping the flash memory. As error correction is performed by the CPU using an undisclosed method, a new alternative method is shown to repair a corrupted SquashFS filesystem, under the assumption of a single or double bitflip per gzip-compressed fragment. Finally, a new method to handle multiple possible repairs using three-valued logic is presented.
Submitted 29 September, 2022;
originally announced October 2022.
-
Automated Discovery of New $L$-Function Relations
Authors:
Hadrien Barral,
Rémi Géraud-Stewart,
Arthur Léonard,
David Naccache,
Quentin Vermande,
Samuel Vivien
Abstract:
$L$-functions typically encode interesting information about mathematical objects. This paper reports 29 identities between such functions that hitherto never appeared in the literature. Of these we have a complete proof for 9; all others are extensively numerically checked and we welcome proofs of their (in)validity.
The method we devised to obtain these identities is a two-step process whereby a list of candidate identities is automatically generated, obtained, tested, and ultimately formally proven. The approach is however only semi-automated as human intervention is necessary for the post-processing phase, to determine the most general form of a conjectured identity and to provide a proof for them.
This work complements other instances in the literature where automated symbolic computation has served as a productive step toward theorem proving and can be extended in several directions further to explore the algebraic landscape of $L$-functions and similar constructions.
Submitted 9 June, 2022; v1 submitted 7 June, 2022;
originally announced June 2022.
-
RISC-V: #AlphanumericShellcoding
Authors:
Hadrien Barral,
Rémi Géraud-Stewart,
Georges-Axel Jaloyan,
David Naccache
Abstract:
We explain how to design RISC-V shellcodes capable of running arbitrary code, whose ASCII binary representation uses only letters a-zA-Z, digits 0-9, and either of the three characters: #, /, '.
Submitted 10 August, 2019;
originally announced August 2019.
-
ARMv8 Shellcodes from 'A' to 'Z'
Authors:
Hadrien Barral,
Houda Ferradi,
Rémi Géraud,
Georges-Axel Jaloyan,
David Naccache
Abstract:
We describe a methodology to automatically turn arbitrary ARMv8 programs into alphanumeric executable polymorphic shellcodes. Shellcodes generated in this way can evade detection and bypass filters, broadening the attack surface of ARM-powered devices such as smartphones.
Submitted 22 June, 2019; v1 submitted 11 August, 2016;
originally announced August 2016.