19.08.2020, 23:22   #1
cl0ck

Binwalk – Firmware Security Analysis & Extraction Tool


Features of Binwalk Firmware Security Analysis & Extraction Tool
  • Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems
  • File Extraction – You can tell binwalk to extract any files that it finds in the firmware image
  • Entropy Analysis – Can help identify interesting sections of data inside a firmware image
  • String Search – Allows you to search the specified file(s) for a custom string

Installation of Binwalk Firmware Security Analysis & Extraction Tool

Download binwalk:

Code:
$ wget https://github.com/ReFirmLabs/binwalk/archive/master.zip
$ unzip master.zip

Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:

Code:
$ (cd binwalk-master && sudo python setup.py uninstall && sudo python setup.py install)

Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):

Code:
$ sudo ./binwalk-master/deps.sh

If you are not a Debian user, or if you wish to install only selected dependencies, see the INSTALL documentation for more details.


Usage of Binwalk Firmware Security Analysis & Extraction Tool
File Extraction

You can tell binwalk to extract any files that it finds in the firmware image with the -e option:
Code:
$ binwalk -e firmware.bin

Binwalk will even recursively scan files as it extracts them if you also specify the -M option:

Code:
$ binwalk -Me firmware.bin

And if the -r option is specified, any file signatures that couldn’t be extracted – or that resulted in 0-size files – will be automatically deleted:

Code:
$ binwalk -Mre firmware.bin

To extract one specific signature type, specify one or more -D type options:
Code:
$ binwalk -D 'png image:png' firmware.bin

Entropy Analysis

What happens if binwalk doesn’t report any signatures? Or, how do you know binwalk didn’t miss anything interesting?

Entropy analysis can help identify interesting sections of data inside a firmware image:
Code:
$ binwalk -E firmware.bin

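Added example, not part of the original post and not binwalk's own code: a Python sketch of what an entropy scan like the one described under Entropy Analysis measures, computing per-block Shannon entropy and merging high-entropy blocks into offset ranges. The block size, the 0.95 threshold and the sample image are assumptions constructed for illustration.

```python
import hashlib
import math

BLOCK_SIZE = 1024     # assumption for this sketch, not binwalk's default
HIGH_ENTROPY = 0.95   # assumed cut-off on a 0.0-1.0 scale


def shannon_entropy(block: bytes) -> float:
    """Shannon entropy of a block, normalised from bits/byte to 0.0-1.0."""
    if not block:
        return 0.0
    counts = [0] * 256
    for value in block:
        counts[value] += 1
    total = len(block)
    bits = -sum(c / total * math.log2(c / total) for c in counts if c)
    return bits / 8.0


def high_entropy_regions(data, block_size=BLOCK_SIZE, threshold=HIGH_ENTROPY):
    """Merge consecutive high-entropy blocks into (start, end) offset ranges."""
    regions, start = [], None
    for offset in range(0, len(data), block_size):
        if shannon_entropy(data[offset:offset + block_size]) >= threshold:
            if start is None:
                start = offset
        elif start is not None:
            regions.append((start, offset))
            start = None
    if start is not None:          # image ends inside a high-entropy run
        regions.append((start, len(data)))
    return regions


def build_sample_image() -> bytes:
    """Constructed stand-in for firmware.bin (not a real image)."""
    text = (b"console=ttyS0,115200 root=/dev/mtdblock2 " * 64)[:2048]
    padding = b"\xff" * 2048
    # SHA-256 output imitates compressed or encrypted data (near-uniform bytes).
    blob = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(128))
    return text + padding + blob + b"\x00" * 1024


if __name__ == "__main__":
    for start, end in high_entropy_regions(build_sample_image()):
        print(f"high entropy: 0x{start:08X}-0x{end:08X} ({end - start} bytes)")
```

A region that scores near 1.0 but matches no signature is typically compressed or encrypted data, which is why the entropy view is useful when a signature scan comes back empty.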
 