This is the repository for all real-world firmware fuzz-tested in the P2IM paper.
Please follow the instructions here. You can either use the pre-compiled firmware binaries in binary/, or compile the firmware yourself.
Set up the compiler toolchain following these instructions.
For Arduino-based firmware, you also need to set up the Arduino development environment:
- Download the Arduino core, and untar it to ~/.arduino15
- Download the libraries that the firmware rely on, and untar them to ~/Arduino
Now you are ready to compile the firmware. Please follow the instructions in the README.md under each directory.
All firmware invoke aflCall, as explained here. Under QEMU, aflCall is intercepted by the emulator and does not change firmware state. On a real device, however, nothing intercepts it, and it may crash the firmware. To disable aflCall, either set the noHyperCall variable to 1 in the source code and rebuild, or replace every `svc 0x3f` instruction with a NOP in the binary (in Thumb code, the halfword 0xDF3F becomes 0xBF00). Check the patched offsets against a disassembly before flashing: the same halfword can also occur inside a literal pool or as the second half of a 32-bit Thumb-2 instruction, and patching those would corrupt the firmware.
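The binary-patching route above, as an added example that is not part of this repository or of P2IM: a small Python script that finds every halfword-aligned Thumb `svc #0x3f` in a raw little-endian Cortex-M image and rewrites it to `nop`. It assumes the svc number 0x3f from this README and the ARMv7-M encodings (SVC T1 = 0xDF00 | imm8, NOP T1 = 0xBF00); the sample image at the bottom is constructed for illustration and is not taken from any firmware in binary/.

```python
"""Replace Thumb `svc #imm` halfwords with `nop` in a raw firmware image.

Added example, not P2IM's own tooling. Assumes a raw little-endian
Cortex-M (Thumb-2) image with no ELF headers, and uses the ARMv7-M encodings
SVC T1 = 0xDF00 | imm8 and NOP T1 = 0xBF00.
"""
import struct
import sys

SVC_OPCODE = 0xDF00      # Thumb SVC (T1): 1101 1111 imm8
NOP_T1 = 0xBF00          # Thumb NOP (T1)
HYPERCALL_IMM = 0x3F     # svc number used by aflCall, per this README


def is_thumb32_prefix(hw: int) -> bool:
    """True if `hw` is the first halfword of a 32-bit Thumb-2 instruction.

    Those start with top bits 0b11101, 0b11110 or 0b11111 (0xE800..0xFFFF).
    """
    return hw >= 0xE800


def find_svc(data: bytes, imm: int = HYPERCALL_IMM) -> tuple[list[int], list[int]]:
    """Return (clean, suspicious) byte offsets of every `svc #imm` halfword.

    A match is "suspicious" when the preceding halfword looks like a Thumb-2
    32-bit prefix, in which case the match may be the second half of that
    instruction rather than a real svc. Matches inside literal pools cannot be
    detected here at all; confirm offsets against a disassembly.
    """
    target = SVC_OPCODE | (imm & 0xFF)
    clean, suspicious = [], []
    for off in range(0, len(data) - 1, 2):          # Thumb code is halfword aligned
        (hw,) = struct.unpack_from("<H", data, off)
        if hw != target:
            continue
        prev = struct.unpack_from("<H", data, off - 2)[0] if off >= 2 else None
        (suspicious if prev is not None and is_thumb32_prefix(prev) else clean).append(off)
    return clean, suspicious


def patch_svc_to_nop(data: bytes, imm: int = HYPERCALL_IMM,
                     skip_suspicious: bool = True) -> tuple[bytes, list[int], list[int]]:
    """Return (patched_image, patched_offsets, skipped_offsets)."""
    clean, suspicious = find_svc(data, imm)
    to_patch = clean if skip_suspicious else clean + suspicious
    buf = bytearray(data)
    for off in to_patch:
        struct.pack_into("<H", buf, off, NOP_T1)
    return bytes(buf), to_patch, (suspicious if skip_suspicious else [])


# Constructed sample image (not real firmware). Offsets are in bytes.
SAMPLE = bytes.fromhex(
    "10b5"      # 0:  push {r4, lr}
    "0120"      # 2:  movs r0, #1
    "3fdf"      # 4:  svc  #0x3f            <- the hypercall, should be patched
    "10bd"      # 6:  pop  {r4, pc}
    "40f2"      # 8:  first halfword of a 32-bit Thumb-2 instruction (0xF240 prefix)
    "3fdf"      # 10: second halfword that merely equals the svc pattern -> suspicious
    "00bf"      # 12: nop
)


def main(argv: list[str]) -> int:
    if len(argv) == 3:
        with open(argv[1], "rb") as f:
            data = f.read()
    else:
        data = SAMPLE
    patched, done, skipped = patch_svc_to_nop(data)
    print("patched svc at offsets:", [hex(o) for o in done])
    print("skipped suspicious offsets (check disassembly):", [hex(o) for o in skipped])
    if len(argv) == 3:
        with open(argv[2], "wb") as f:
            f.write(patched)
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Usage: `python3 patch_svc.py firmware.bin firmware_nohypercall.bin`. The script only patches matches it considers clean; anything it reports as suspicious, and any match you suspect is data, should be checked against `arm-none-eabi-objdump -d` on the ELF from your build before you decide to patch it by hand.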
I am still cleaning up the Soldering_Iron firmware.