README.md
1.07 KB
IoT 펌웨어 취약점 분석을 위한 프레임워크
Overview
2021-1 캡스톤디자인2(CSE405-00) 수업 프로젝트로 만든 Arduino M0 계열 취약점 분석 툴.
Date
2021.03 ~ 2021.06
Usage
- Analyze the given firmware. It generates the followings:
-
api.txt
: It contains the list of restored APIs. -
cfg.txt
: It contains the restored Control-Flow Graph in the form of disassembly. -
vuln.txt
: It contains the list of found vulnerabilities.python3 m0-angr.py --type a --name firm.bin
-
- Generate exploitable payloads.
-
{{vuln_offset}}
: The offset where vulnerable codes are located(listed in the generatedvuln.txt
). -
{{dest_offset}}
: The offset to jump into. It must be of the prologue in a function. -
{{ret_offset}}
: The offset to go back to after its first step of ROP ends.python3 m0-angr.py --type g --name firm.bin --out payload.bin --code {{vuln_offset}} --dest {{dest_offset}} --ret {{ret_offset}}
-
- Enjoy~.
Requirements
- Ubuntu 18.04
- Python 3.6+
- Radare2
- Angr
Member
- 2015104162 김정현