unblob + esp32 image parser

pull/25/head
Swissky 2024-05-31 21:39:30 +02:00
parent 6518bbc4b0
commit 026c16d0cf
2 changed files with 11 additions and 4 deletions


@ -148,7 +148,7 @@ Emulate : `qemu-system-avr -S -s -nographic -serial tcp::5678,server=on,wait=off
## Explore firmware ## Explore firmware
* strings * [unix/strings](#)
```ps1 ```ps1
$ strings file.bin $ strings file.bin
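
Review bot: The replacement bullet `[unix/strings](#)` links to `#`, so it renders as a link that goes nowhere. Point it at a real reference for the tool or keep the plain-text bullet. Separately, the fence right below it is tagged `ps1` although `$ strings file.bin` is a Unix shell command, so `bash` would be the accurate tag.
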
@ -159,14 +159,14 @@ Emulate : `qemu-system-avr -S -s -nographic -serial tcp::5678,server=on,wait=off
The -t flag will return the offset of the string within the file. -tx will return it in hex format, T-to in octal and -td in decimal. The -t flag will return the offset of the string within the file. -tx will return it in hex format, T-to in octal and -td in decimal.
``` ```
* dd * [unix/dd](#)
```ps1 ```ps1
$ dd if=firmware.bin of=firmware.chunk bs=1 skip=$((0x200)) count=$((0x400-0x200)) $ dd if=firmware.bin of=firmware.chunk bs=1 skip=$((0x200)) count=$((0x400-0x200))
If we wanted to run it a little faster, we could increase the block size: If we wanted to run it a little faster, we could increase the block size:
$ dd if=firmware.bin of=firmware.chunk bs=$((0x100)) skip=$((0x200/0x100)) count=$(((0x400-0x200)/0x100)) $ dd if=firmware.bin of=firmware.chunk bs=$((0x100)) skip=$((0x200/0x100)) count=$(((0x400-0x200)/0x100))
``` ```
* binwalk * [ReFirmLabs/binwalk](https://github.com/ReFirmLabs/binwalk)
```powershell ```powershell
$ binwalk -Me file.bin $ binwalk -Me file.bin
$ binwalk -Y dump.elf $ binwalk -Y dump.elf
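
Review bot: `[unix/dd](#)` repeats the empty `#` target, while the binwalk bullet in this same hunk gets a real URL. Make the two consistent by giving dd a real target or leaving it unlinked. Since the hunk already spans the strings explanation, the context line still reads `T-to in octal`, which should be `-to`, and the sentence "If we wanted to run it a little faster" sits inside the code fence, where it will render as a command rather than as prose.
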
@ -175,11 +175,17 @@ Emulate : `qemu-system-avr -S -s -nographic -serial tcp::5678,server=on,wait=off
3708 0xE7C ARM executable code, 16-bit (Thumb), little endian, at least 522 valid instructions 3708 0xE7C ARM executable code, 16-bit (Thumb), little endian, at least 522 valid instructions
``` ```
* Unsquashfs * [squashfs-tools/unsquashfs](#)
```powershell ```powershell
sudo unsquashfs -f -d /media/seagate /tmp/file.squashfs sudo unsquashfs -f -d /media/seagate /tmp/file.squashfs
``` ```
* [onekey-sec/unblob](https://github.com/onekey-sec/unblob)
```ps1
docker run --rm --pull always -v /path/to/extract-dir/on/host:/data/output -v /path/to/files/on/host:/data/input ghcr.io/onekey-sec/unblob:latest /data/input/path/to/file
docker run --rm --pull always ghcr.io/onekey-sec/unblob:latest --help
```
* [onekey-sec/jefferson](https://github.com/onekey-sec/jefferson/) - JFFS2 filesystem extraction tool * [onekey-sec/jefferson](https://github.com/onekey-sec/jefferson/) - JFFS2 filesystem extraction tool
```ps1 ```ps1
pip install jefferson pip install jefferson
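
Review bot: The added unblob commands run `ghcr.io/onekey-sec/unblob:latest` with `--pull always`, so every invocation executes whatever image the mutable `latest` tag points to at that moment. For a tool that is fed untrusted firmware, pin a release tag or an image digest instead, and mount the input directory read-only by appending `:ro` to the `/data/input` volume so an extraction run cannot modify the sample. The new bullet also has no description, unlike the jefferson entry below it, and `[squashfs-tools/unsquashfs](#)` carries the same empty `#` link target as the earlier bullets.
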


@ -9,6 +9,7 @@
* [jmswrnr/esp32knife](https://github.com/jmswrnr/esp32knife) - Tools for ESP32 firmware dissection * [jmswrnr/esp32knife](https://github.com/jmswrnr/esp32knife) - Tools for ESP32 firmware dissection
* [scientifichackers/ampy](https://github.com/scientifichackers/ampy) - Utility to interact with a MicroPython board over a serial connection * [scientifichackers/ampy](https://github.com/scientifichackers/ampy) - Utility to interact with a MicroPython board over a serial connection
* [ESPWebTool](https://esp.huhn.me/) - Flash your ESP32 or ESP8266 through your browser. * [ESPWebTool](https://esp.huhn.me/) - Flash your ESP32 or ESP8266 through your browser.
* [tenable/esp32_image_parser](https://github.com/tenable/esp32_image_parser) - A toolkit for helping you reverse engineer ESP32 firmware.
## Firmwares ## Firmwares
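
Review bot: The added `tenable/esp32_image_parser` description ends with a period, while the esp32knife and ampy entries above it do not. Drop the trailing period, or normalise the whole list, so the tool entries read consistently.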