Router reverse engineering: installing the binwalk tool
1. Platforms on which binwalk runs
Operating System | Core Support | Optional Feature Support | Ease of Installation
Linux            | Excellent    | Excellent                | Very easy
OSX              | Excellent    | Good                     | Very easy
FreeBSD          | Experimental | Unknown                  | Very easy
Windows          | Experimental | Poor                     | Very easy
binwalk works best on Linux, with the fewest pitfalls; installing and using it on Ubuntu is recommended.
2. Simple installation of binwalk
Installation
Binwalk follows the standard Python installation procedure:
$ sudo python setup.py install
If you're running Python 2.x, you'll also want to install the Python lzma module:
$ sudo apt-get install python-lzma
Before the simple installation of binwalk, Python must already be installed on the Ubuntu system. The commands for the simple installation are as follows:
$ sudo apt-get update
$ sudo apt-get install build-essential autoconf git
$ git clone https://github.com/devttys0/binwalk
$ cd binwalk
$ sudo python setup.py install
# If Python 2.x is installed, the python-lzma module also needs to be installed
$ sudo apt-get install python-lzma
Detailed usage help for binwalk:
Binwalk v2.1.2b
Craig Heffner, www.binwalk
Usage: binwalk [OPTIONS] [FILE1] [FILE2] [FILE3] ...
Disassembly Scan Options:
-Y, --disasm Identify the CPU architecture of a file using the capstone disassembler
-T, --minsn=<int> Minimum number of consecutive instructions to be considered valid (default: 500)
-k, --continue Don't stop at the first match
Signature Scan Options:
-B, --signature Scan target file(s) for common file signatures
-R, --raw=<str> Scan target file(s) for the specified sequence of bytes
-A, --opcodes Scan target file(s) for common executable opcode signatures
-m, --magic=<file> Specify a custom magic file to use
-b, --dumb Disable smart signature keywords
-I, --invalid Show results marked as invalid
-x, --exclude=<str> Exclude results that match <str>
-y, --include=<str> Only show results that match <str>
Extraction Options:
-e, --extract Automatically extract known file types
-D, --dd=<type:ext:cmd> Extract <type> signatures, give the files an extension of <ext>, and execute <cmd>
-M, --matryoshka Recursively scan extracted files
-d, --depth=<int> Limit matryoshka recursion depth (default: 8 levels deep)
-C, --directory=<str> Extract files/folders to a custom directory (default: current working directory)
-j, --size=<int> Limit the size of each extracted file
-n, --count=<int> Limit the number of extracted files
-r, --rm Delete carved files after extraction
-z, --carve Carve data from files, but don't execute extraction utilities
Entropy Analysis Options:
-E, --entropy Calculate file entropy
-F, --fast Use faster, but less detailed, entropy analysis
-J, --save Save plot as a PNG
-Q, --nlegend Omit the legend from the entropy plot graph
-N, --nplot Do not generate an entropy plot graph
-H, --high=<float> Set the rising edge entropy trigger threshold (default: 0.95)
-L, --low=<float> Set the falling edge entropy trigger threshold (default: 0.85)
Raw Compression Options:
-X, --deflate Scan for raw deflate compression streams
-Z, --lzma Scan for raw LZMA compression streams
-P, --partial Perform a superficial, but faster, scan
-S, --stop Stop after the first result
Binary Diffing Options:
-W, --hexdump Perform a hexdump / diff of a file or files
-G, --green Only show lines containing bytes that are the same among all files
-i, --red Only show lines containing bytes that are different among all files
-U, --blue Only show lines containing bytes that are different among some files
-w, --terse Diff all files, but only display a hex dump of the first file
General Options:
-l, --length=<int> Number of bytes to scan
-o, --offset=<int> Start scan at this file offset
-O, --base=<int> Add a base address to all printed offsets
-K, --block=<int> Set file block size
-g, --swap=<int> Reverse every n bytes before scanning
-f, --log=<file> Log results to file
-c, --csv Log results to file in CSV format
-t, --term Format output to fit the terminal window
-q, --quiet Suppress output to stdout
-v, --verbose Enable verbose output
-h, --help Show help output
-a, --finclude=<str> Only scan files whose names match this regex
-p, --fexclude=<str> Do not scan files whose names match this regex
-s, --status=<int> Enable the status server on the specified port
The simple installation of binwalk has limited functionality: it can only analyze the file-format composition of a device's firmware and extract the device's file system; it cannot decompress the extracted file system. For binwalk to decompress the extracted file system, the dependency libraries and component tools that binwalk needs must also be installed.
Using binwalk to analyze the file-format composition of a device's firmware (taking router firmware as an example):
$ binwalk firmware.bin | head
The analysis result is shown in the figure:
Using binwalk to extract the file system from a device's firmware (taking router firmware as an example):
$ binwalk -e firmware.bin
# or
$ binwalk -Me firmware.bin
The file-system extraction result is shown in the figure:
From the extraction result above, binwalk did extract the router firmware's squashfs file system successfully, but decompressing the squashfs failed. The main reason is that the binwalk installation is incomplete; the full installation of binwalk is covered below.
Of course, binwalk also has an even simpler direct installation method:
$ sudo apt-get update
$ sudo apt-get install binwalk
Reference URL:
3. Full installation of binwalk
Before You Start
Binwalk supports Python 2.7 - 3.x. Although most systems have Python2.7 set as their default Python interpreter, binwalk does run faster in Python3. Installation procedures for both are provided below.
Installation
Installation follows the typical Python installation procedure:
# Python2.7
$ sudo python setup.py install
# Python3.x
$ sudo python3 setup.py install
NOTE: Older versions of binwalk (e.g., v1.0) are not compatible with the latest version of binwalk. It is strongly recommended that you uninstall any existing binwalk installations before installing the latest version in order to avoid API conflicts.
Dependencies
Besides a Python interpreter, there are no installation dependencies for binwalk. All dependencies are optional run-time dependencies, and unless otherwise specified, are available from most Linux package managers.
Although all binwalk run-time dependencies are optional, the python-lzma module is highly recommended for improving the reliability of signature scans. This module is included by default in Python3, but must be installed separately for Python2.7:
$ sudo apt-get install python-lzma
Binwalk uses the pycrypto library to decrypt some known encrypted firmware images:
# Python2.7
$ sudo apt-get install python-crypto
# Python3.x
$ sudo apt-get install python3-crypto
Binwalk uses pyqtgraph to generate graphs and visualizations, which requires the following:
# Python2.7
$ sudo apt-get install libqt4-opengl python-opengl python-qt4 python-qt4-gl python-numpy python-scipy python-pip
$ sudo pip install pyqtgraph
# Python3.x
$ sudo apt-get install libqt4-opengl python3-opengl python3-pyqt4 python3-pyqt4.qtopengl python3-numpy python3-scipy python3-pip
$ sudo pip3 install pyqtgraph
Binwalk's --disasm option requires the capstone disassembly framework and its corresponding Python bindings:
# Python2.7
$ sudo apt-get install python-pip
$ sudo pip install capstone
# Python3.x
$ sudo apt-get install python3-pip
$ sudo pip3 install capstone
Binwalk relies on multiple external utilities in order to automatically extract/decompress files and data:
# Install standard extraction utilities
$ sudo apt-get install mtd-utils gzip bzip2 tar arj lhasa p7zip p7zip-full cabextract cramfsprogs cramfsswap squashfs-tools
# Install sasquatch to extract non-standard SquashFS images
$ sudo apt-get install zlib1g-dev liblzma-dev liblzo2-dev
$ git clone https://github.com/devttys0/sasquatch
$ (cd sasquatch && ./build.sh)
# Install jefferson to extract JFFS2 file systems
$ sudo pip install cstruct
$ git clone https://github.com/sviehb/jefferson
$ (cd jefferson && sudo python setup.py install)
# Install ubi_reader to extract UBIFS file systems
$ sudo apt-get install liblzo2-dev python-lzo
$ git clone https://github.com/jrspruitt/ubi_reader
$ (cd ubi_reader && sudo python setup.py install)
# Install yaffshiv to extract YAFFS file systems
$ git clone https://github.com/devttys0/yaffshiv
$ (cd yaffshiv && sudo python setup.py install)
# Install unstuff (closed source) to extract StuffIt archive files
$ wget -O - /downloads/files/stuffit520. | tar -zxv
$ sudo cp bin/unstuff /usr/local/bin/
Note that for Debian/Ubuntu users, all of the above dependencies can be installed automatically using the included deps.sh script:
$ sudo ./deps.sh
For quick installation and usage of binwalk, refer to the official link:
Quick Start Guide
Peter Wu edited this page on 21 May 2016
Installation
Download binwalk:
$ wget https://github.com/devttys0/binwalk/archive/master.zip
$ unzip master.zip
Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:
$ (cd binwalk-master && sudo python setup.py uninstall && sudo python setup.py install)
Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):
$ sudo ./binwalk-master/deps.sh
If you are not a Debian user, or if you wish to install only selected dependencies, see the documentation for more details.
Scanning Firmware
The primary - and by far the most popular - feature of binwalk is its signature scanning.
Binwalk can scan a firmware image for many different embedded file types and file systems; just give it a list of files to scan:
$ binwalk firmware.bin
DECIMAL HEX DESCRIPTION
-------------------------------------------------------------------------------------------------------------------
0 0x0 DLOB firmware header, boot partition: "dev=/dev/mtdblock/2"
112 0x70 LZMA compressed data, properties: 0x5D, dictionary size: 33554432 bytes, uncompressed size: 3797616 bytes
1310832 0x140070 PackImg section delimiter tag, little endian size: 13644032 bytes; big endian size: 3264512 bytes
1310864 0x140090 Squashfs filesystem, little endian, version 4.0, compression:lzma, size: 3264162 bytes, 1866 inodes, blocksize: 65536 bytes, created: Tue A
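The "Squashfs filesystem" line above comes from binwalk locating the squashfs magic and then reading the superblock fields behind it. As an added illustration (not part of the original post and not binwalk's own code), the Python script below does the same over a constructed sample image: it finds every "hsqs" magic, validates the superblock so that a stray magic in the header is rejected (the kind of result binwalk hides unless -I is given), prints a binwalk-style DECIMAL / HEX / DESCRIPTION listing, and carves the region the way -z or --dd would before unsquashfs runs. All sample data is constructed inline.

```python
import struct

# Squashfs v4 superblock prefix, little endian (magic "hsqs"), with the fields
# binwalk reports in its "Squashfs filesystem" description: inode count,
# block size, compression id, version and bytes used.
SQSH_FMT = "<4sIIIIHHHHHHQQ"          # 48 bytes
SQSH_MAGIC = b"hsqs"
COMPRESSORS = {1: "gzip", 2: "lzma", 3: "lzo", 4: "xz", 5: "lz4", 6: "zstd"}

def find_squashfs(image: bytes):
    """Return [(offset, description)] for each superblock that passes sanity checks."""
    hits = []
    pos = image.find(SQSH_MAGIC)
    while pos != -1:
        if pos + struct.calcsize(SQSH_FMT) <= len(image):
            (_, inodes, _mtime, bsize, _frags, comp, blog, _flags, _ids,
             vmaj, vmin, _root, used) = struct.unpack_from(SQSH_FMT, image, pos)
            # A bare magic is not enough: require version 4, a block size that
            # matches block_log, and a declared size that fits the remaining image.
            if vmaj == 4 and bsize == 1 << blog and used <= len(image) - pos:
                desc = (f"Squashfs filesystem, little endian, version {vmaj}.{vmin}, "
                        f"compression:{COMPRESSORS.get(comp, 'unknown')}, "
                        f"size: {used} bytes, {inodes} inodes, blocksize: {bsize} bytes")
                hits.append((pos, desc))
        pos = image.find(SQSH_MAGIC, pos + 1)
    return hits

def report(image: bytes):
    """Format hits like binwalk's DECIMAL / HEX / DESCRIPTION listing."""
    return [f"{off:<12}0x{off:<12X}{desc}" for off, desc in find_squashfs(image)]

def carve(image: bytes, offset: int, size: int) -> bytes:
    """Cut the region out of the image, as `binwalk -z` / `--dd` do before unsquashfs."""
    return image[offset:offset + size]

def build_sample_image() -> bytes:
    """Constructed sample firmware: a fake 128-byte header containing a stray
    'hsqs' with an all-zero superblock (invalid), then a real v4.0 superblock
    declaring lzma compression, 1866 inodes and a 65536-byte block size."""
    decoy = SQSH_MAGIC + b"\x00" * 44
    header = b"FAKEHDR\x00" + decoy + b"\x00" * 72      # 8 + 48 + 72 = 128 bytes
    body = b"\xAA" * 4000                                # stands in for compressed data
    used = struct.calcsize(SQSH_FMT) + len(body)
    sb = struct.pack(SQSH_FMT, SQSH_MAGIC, 1866, 0, 65536, 0, 2, 16, 0, 1, 4, 0, 0, used)
    return header + sb + body

if __name__ == "__main__":
    for line in report(build_sample_image()):
        print(line)
```

The decoy magic at offset 8 is found but discarded by the sanity checks, so only the real superblock at 0x80 is listed; carving that region gives the bytes unsquashfs (or sasquatch for vendor-modified images) would then need.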