binwalk | Firmware Analysis Tool | Security library

by ReFirmLabs | Python | Version: v2.3.4 | License: MIT

kandi X-RAY | binwalk Summary

binwalk is a Python library typically used in security applications. binwalk has no bugs and no vulnerabilities, has a build file available, has a permissive license and has medium support. You can install it using 'pip install binwalk' or download it from GitHub or PyPI.

Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

            Support

              binwalk has a medium active ecosystem.
              It has 9326 star(s) with 1402 fork(s). There are 365 watchers for this library.
              It had no major release in the last 12 months.
              There are 131 open issues and 275 have been closed. On average issues are closed in 116 days. There are 51 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of binwalk is v2.3.4

            Quality

              binwalk has 0 bugs and 125 code smells.

            Security

              binwalk has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              binwalk code analysis shows 0 unresolved vulnerabilities.
              There are 2 security hotspots that need review.

            License

              binwalk is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            Reuse

              binwalk releases are available to install and integrate.
              Deployable package is available in PyPI.
              Build file is available. You can build the component from source.
              Installation instructions are available. Examples and code snippets are not available.
              binwalk saves you 2172 person hours of effort in developing the same functionality from scratch.
              It has 4758 lines of code, 334 functions and 49 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed binwalk and discovered the below as its top functions. This is intended to give you an instant insight into binwalk implemented functionality, and help decide if they suit your requirements.
            • Callback when a file is processed
            • Print a debug message
            • Checks if a key exists in the dictionary
            • Adds a file to the list
            • Return the next file to be extracted
            • Clear results
            • Return True if the file name matches the filter
            • Load plugins from file
            • Run the main loop
            • Scan the result of a zlib scan
            • Print the header of a scan
            • Generate strings from a file
            • Run bash completion
            • Extracts a PFS file
            • Execute all loaded modules
            • Perform a scan
            • Load the user
            • Start the module
            • Generate regex for a regular expression
            • Process the request
            • Return a list of the MAGIC signature files
            • Loads the binwalk
            • Scans the given result
            • Scan the result
            • Extract a CPIO file
            • Obfuscated firmware

            binwalk Key Features

            No Key Features are available at this moment for binwalk.

            binwalk Examples and Code Snippets

            $ find . -name *hedwig*cgi
            ./htdocs/web/hedwig.cgi
            
            $ ls -larth ./htdocs/web/hedwig.cgi
            lrwxrwxrwx ./htdocs/web/hedwig.cgi -> /htdocs/cgibin
            
            squashfs-root/htdocs$ ls -larth hedwig.cgi
            hedwig.cgi -> cgibin
            
            MAIN_ADDR = 0x0402770
            HEDWIGCGI_MAIN   
            Features
            Python | Lines of Code: 135 | License: No License
            from isf import core
            
            core.init_home_directory()
            
            # You can edit directories to load modules from
            core.modules_dirs.append('.')
            core.load_modules()
            
            # Way 1: import the module directly
            from isf.hardware.ttltalker import TTLTalker
            
            talker = TTLTalker(  
            DJI_ftpd_aes_unscramble
            Python | Lines of Code: 32 | License: No License
            "The following products and/or projects appear to use BusyBox, but do not appear to release source code as required by the BusyBox license. This is a violation of the law! The distributors of these products are invited to contact Erik Andersen if the  

            Community Discussions

            QUESTION

            u-boot: cannot boot linux kernel despite kernel being less than maximum BOOTM_LEN
            Asked 2021-Apr-07 at 16:53

            I have a MIPS system (VSC7427) with u-boot and I am trying to boot a more recent kernel than the kernel provided by the vendor in their GPL release (which boots just fine).

            The kernel FIT image appears to be sane, and judging by the output I think it should be bootable:

            ...

            ANSWER

            Answered 2021-Apr-06 at 21:03

            The final problem you run into:

            ERROR: new format image overwritten - must RESET the board to recover

            is because you've loaded the image into memory in the same location as the entry point but you need to load it into memory somewhere else so that U-Boot can unpack the image and put the contents where their load address is set to. Since you have 128MB of memory you should be able to put it at +32 or +64MB from start and then things should work.

            Source https://stackoverflow.com/questions/66950536

            QUESTION

            Is there a tool to extract a file from a ZIP archive when that file is not present in central directory but has its own LFH?
            Asked 2021-Jan-06 at 22:46

            I'm looking for a tool that can extract files by searching aggressively through a ZIP archive. The compressed files are preceded with LFHs but no CDHs are present. Unzip outputs an empty folder. I found one called 'binwalk' but even though it finds the hidden files inside ZIP archives it seems not to know how to extract them. Thank You in advance.

            ...

            ANSWER

            Answered 2021-Jan-06 at 22:46

            You can try sunzip. It reads the zip file as a stream, and will extract files as it encounters the local headers and compressed data.

            Use the -r option to retain the files decompressed in the event of an error. You will be left with a temporary directory starting with _z containing the extracted files, but with temporary, random names.

            Source https://stackoverflow.com/questions/65598683

            QUESTION

            How can I check integrity of an extracted zImage?
            Asked 2019-Nov-29 at 10:54
            $ binwalk -e linux_image.img
            DECIMAL HEXADECIMAL DESCRIPTION
            --------------------------------------------------------------------------------
            0 0x0 Android bootimg, kernel size: 6897653 bytes, kernel addr: 0x81C08000, ramdisk size: 5959520 bytes, ramdisk addr: 0x81C08000, product name: ""
            2048 0x800 Linux kernel ARM boot executable zImage (little-endian)
            18479 0x482F gzip compressed data, maximum compression, from Unix, last modified: 1970-01-01 00:00:00 (null date)
            6761720 0x672CF8 device tree image (dtb)
            6883304 0x6907E8 Unix path: /dev/block/platform/soc/7824900.sdhci/by-name/vendor
            6899712 0x694800 gzip compressed data, maximum compression, has original file name: "rootfs.cpio", from Unix, last modified: 2019-04-06 00:42:26
            9706949 0x941DC5 MySQL ISAM compressed data file Version 11
            
            $ dd if=linux_image.img of=vmlinuz bs=1 skip=2048 count=6897653
            
            $ file vmlinuz
            vmlinuz: Linux kernel ARM boot executable zImage (little-endian)
            
            $ dd if=vmlinuz bs=1 skip=$(LC_ALL=C grep -a -b -o $'\x1f\x8b\x08\x00\x00\x00\x00\x00' vmlinuz-3.18.66-perf | head -n 1 | cut -d ':' -f 1) | zcat | grep -a 'Linux version'
            Linux version 3.18.66 (build@test) (gcc version 4.9.3 (GCC) ) #1 SMP PREEMPT Fri Apr 1 13:16:33 PDT 2018
            
            ...

            ANSWER

            Answered 2019-Nov-29 at 10:54

            If you pull a random Arm Linux kernel (including Android) from somewhere and try to run it on anything other than the hardware that it is intended to boot on, the expected result is that it crashes very early in bootup without being able to output anything to screen or serial port, i.e. you get a black screen and nothing happens. The most likely situation here is that your image is fine and not corrupt, it's just not built to run on the vexpress-a9 board you're running it on.

            In the unlikely event that this really is a kernel built for the vexpress-a9, the next problem you have is that you haven't passed QEMU a device tree blob via the -dtb option. Modern Linux kernels don't hardcode all the information about the boards they can run on, but instead expect the bootloader (which is QEMU in this case) to pass them a data file which provides information about where all the devices are for the board. If you don't do that, then the result is the same as above: kernel crashes very early in bootup without being able to output any information, so black screen.

            Source https://stackoverflow.com/questions/59095310

            QUESTION

            qemu-system-arm chroot illegal instruction
            Asked 2018-Apr-24 at 01:27

            I install qemu-system-arm in Ubuntu 16.04 to run firmware of dlink DIR868L. But when I use the command chroot ./squashfs-root/ /bin/sh, it just shows Illegal instruction. I get squashfs-root/ from DIR868LB1_FW203b01.bin by binwalk and I am sure that /bin/sh exists in squashfs-root/.

            I start qemu by sudo qemu-system-arm -M versatilepb -kernel vmlinuz-2.6.32-5-versatile -initrd initrd.img-2.6.32-5-versatile -hda debian_squeeze_armel_standard.qcow2 -append "root=/dev/sda1" -net nic -net tap and use scp to copy squashfs-root/ into the virtual machine. And I met the same problem when using debian_wheezy_armel_standard.qcow2.

            What should I do? It has bothered me for the whole afternoon.

            Or can anyone give me an example to run the arm firmware in qemu? I only find lots of examples using firmware based on mips.

            Thanks a lot!

            ...

            ANSWER

            Answered 2018-Apr-23 at 17:09

            The problem is almost certainly because whatever CPU is in the DIR868L is newer than the ARM926 CPU that the "versatilepb" board has. If the binaries from that firmware are built to use newer instructions, then running them in an emulation of an older CPU will result in an 'illegal instruction' signal, just as if you'd run them on real older ARM hardware.

            This is similar to taking binaries that were built for a Core2 Duo and trying to run them on your old Pentium system: it won't work.

            Source https://stackoverflow.com/questions/49982580

            QUESTION

            Extracting from bin file
            Asked 2017-Aug-30 at 05:30

            So I tried this:

            ...

            ANSWER

            Answered 2017-Mar-26 at 23:18

            I did it with:

            binwalk -Me upgrade-2.4.0.bin

            Source https://stackoverflow.com/questions/43035699

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install binwalk

            More information on Wiki.
            Installation
            API
            Supported Platforms
            Getting Started
            Binwalk Command Line Usage
            Binwalk IDA Plugin Usage

            Support

            For any new features, suggestions and bugs, create an issue on GitHub. If you have any questions, check and ask questions on the Stack Overflow community page.