Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware.
Research Paper
We present our approach and the findings of this work in the following research paper:
Detecting Insecure Multi-binary Interactions in Embedded Firmware [PDF]
Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. To appear in Proceedings of the IEEE Symposium on Security & Privacy (S&P), May 2020
If you use it in a scientific publication, we would appreciate citations using this Bibtex entry:
@inproceedings{redini_karonte_20, author = {Nilo Redini and Aravind Machiry and Ruoyu Wang and Chad Spensky and Andrea Continella and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna}, booktitle = {To appear in Proceedings of the IEEE Symposium on Security & Privacy (S&P)}, month = {May}, title = {KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware}, year = {2020} }
Also Read – Stowaway : Multi-hop Proxy Tool For Pentesters
Repository Structure
There are four main directories:
Run
To run it, from the root directory, just run
By default, results are saved in /tmp/ with the suffix Karonte.txt.
To inspect the generated alerts, just run:
python tool/pretty_print.py LOG_NAME
Docker
A dockerized version of it is ready to use can be found here
Dataset
You can obtain it dataset at this link
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…