Need help with karonte?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

ucsb-seclab
196 Stars 40 Forks BSD 2-Clause "Simplified" License 23 Commits 2 Opened issues

Description

Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware

Services available

!
?

Need anything else?

Contributors list

# 100,496
Android
decompi...
C
C++
15 commits
# 207,540
C
Shell
C++
binary
7 commits

Karonte

License

Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware.

Overview

Research paper

We present our approach and the findings of this work in the following research paper:

KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware [PDF]
Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna.
In Proceedings of the IEEE Symposium on Security & Privacy (S&P), May 2020

If you use Karonte in a scientific publication, we would appreciate citations using this Bibtex entry:

tex
@inproceedings{redini_karonte_20,
 author    = {Nilo Redini and Aravind Machiry and Ruoyu Wang and Chad Spensky and Andrea Continella and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna},
 booktitle = {In Proceedings of the IEEE Symposium on Security & Privacy (S&P)},
 month     = {May},
 title     = {KARONTE: Detecting Insecure Multi-binary Interactions in Embedded Firmware},
 year      = {2020}
}

Repository Structure

There are four main directories: - tool: Karonte python files - firmware: Karonte firmware dataset - configs: configuration files to analyze the firmware samples in the dataset - eval: scripts to run the various evaluations on Karonte - karonte-viz: script to visualize the results produced by Karonte

Run Karonte

To run karonte, from the root directory, just run

SYNOPSIS       python tool/karonte.py JSONCONFIGFILE [LOG_NAME]

DESCRIPTION      runs karonte on the firmware sample represented by the JSONCONFIGFILE, and save the results in LOG_NAME

EXAMPLE      python tool/karonte.py config/NETGEAR/r_7800.json      It runs karonte on the R7800 NETGEAR firmware

By default, results are saved in /tmp/ with the suffix Karonte.txt.

To inspect the generated alerts, just run:

      python tool/pretty_print.py LOG_NAME

Docker

A dockerized version of Karonte ready to use can be found here

Dataset

You can obtain Karonte dataset at this link

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.