IoT 펌웨어 취약점 분석을 위한 프레임워크
Overview
2021-1 캡스톤디자인2(CSE405-00) 수업 프로젝트로 만든 Arduino M0 계열 취약점 분석 툴.
Date
2021.03 ~ 2021.06
Usage
- Analyze the given firmware:
python3 m0-angr.py --type a --name firm.bin
It generates the followings:
-
api.txt: It contains the list of restored APIs. -
cfg.txt: It contains the restored Control-Flow Graph in the form of disassembly. -
vuln.txt: It contains the list of found vulnerabilities.
- Generate exploitable payloads:
python3 m0-angr.py --type g --name firm.bin --out payload.bin --code {{vuln_offset}} --dest {{dest_offset}} --ret {{ret_offset}}
-
{{vuln_offset}}: The offset where vulnerable codes are located(listed in the generatedvuln.txt). -
{{dest_offset}}: The offset to jump into. It must be of the prologue in a function. -
{{ret_offset}}: The offset to go back to after its first step of ROP ends.
- Enjoy~.
Requirements
- Ubuntu 18.04
- Python 3.6+
- Radare2
- Angr
Member
- 2015104162 김정현