Firmware Analysis
Last modified: 2023-01-06
Static Analysis
The following tools are often used for static analysis.
# -E: Calculate file entropy
# -N: Do not generate an entropy plot graph
binwalk -EN ./firmware
# firmware-mod-kit
./extract-firmware.sh ./firmware
Dynamic Analysis
gdb ./firmware
rizin ./firmware
Using FIRMADYNE
FIRMADYNE is a platform for emulation and dynamic analysis of Linux-based firmware.
# Analyze and emulate the system
./fat.py example.squashfs
The analysis will start.
Copy the ip address in the output as below.
Network interfaces: [('brtrunk', '192.168.0.100')]
In local machine, port forward using the ip.
ssh -L 8081:192.168.0.100:80 remote-user@<remote-ip>
Now we can access to http://127.0.0.1:8081/