tags:linuxfirmwarestatic_analysis original link: Operation Mango: Scalable Discovery of Taint-Style Vulnerabilities in Binary Firmware Services newsletter link: exploits.club Weekly Newsletter 14
Exploits Club Summary:
This paper, which was just accepted to USINEX â24, walks through âMangoDFA, a novel binary data-flow analysis leveraging value analysis and data dependency analysis on binary codeâ. The key idea is a scalable way to statically analyze Linux-based IoT firmware for common bugs. The results showed that the tool was able to both analyze binaries quicker and find more bugs compared to the other solutions currently available.