attify / firmware-analysis-toolkit

Toolkit to emulate firmware and analyse it for security vulnerabilities
MIT License

Error while extracting RAX30 firmware #88

Open y198nt opened 1 year ago

y198nt commented 1 year ago

Can anyone help me with this? This error occurs when I try to use fat with every version of the RAX30 router firmware:

[+] Firmware: RAX30-V1.0.9.92_1.img
[+] Extracting the firmware...
Traceback (most recent call last):
  File "/home/browser/working_station/iot/firmware-analysis-toolkit/./fat.py", line 173, in <module>
    main()
  File "/home/browser/working_station/iot/firmware-analysis-toolkit/./fat.py", line 161, in main
    image_id = run_extractor(args.firm_path)
  File "/home/browser/working_station/iot/firmware-analysis-toolkit/./fat.py", line 55, in run_extractor
    child.expect_exact("Tag: ")
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 421, in expect_exact
    return exp.expect_loop(timeout)
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 179, in expect_loop
    return self.eof(e)
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 122, in eof
    raise exc
pexpect.exceptions.EOF: End Of File (EOF). Exception style platform.
<pexpect.pty_spawn.spawn object at 0x7fae3cf953f0>
command: /usr/bin/sudo
args: ['/usr/bin/sudo', '--', '/home/browser/working_station/iot/firmware-analysis-toolkit/firmadyne/sources/extractor/extractor.py', '-np', '-nk', '../CVE-2023-24749/RAX30-V1.0.9.92_1.img', '/home/browser/working_station/iot/firmware-analysis-toolkit/firmadyne/images']
buffer (last 100 chars): b''
before (last 100 chars): b'24749/RAX30-V1.0.9.92_1.img\r\n>> MD5: 49241d7f2502d60e14e8f6005116fe3d\r\n>> Skipping: image/g3fax...\r\n'
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: None
flag_eof: True
pid: 4803
child_fd: 5
closed: False
timeout: None
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_string:
    0: b'Tag: '

extremecoders-re commented 1 year ago

This is likely due to a bug in extractor.py in firmadyne.

As a workaround, you can first manually extract the img using binwalk and then run fat.py on the extracted squashfs.

$ binwalk -e ./RAX30-V1.0.9.92_1.img

$ ./fat.py _RAX30-V1.0.9.92_1.img.extracted/777EAC.squashfs

y198nt commented 1 year ago

Yeah, it was working, but I can't find any network interfaces.


                          / _|         | |
                         | |_    __ _  | |_
                         |  _|  / _` | | __|
                         | |   | (_| | | |_
                         |_|    \__,_|  \__|

            Welcome to the Firmware Analysis Toolkit - v0.3
Offensive IoT Exploitation Training http://bit.do/offensiveiotexploitation
              By Attify - https://attify.com  | @attifyme

[+] Firmware: 777EAC.squashfs
[+] Extracting the firmware...
[+] Image ID: 1
[+] Identifying architecture...
[+] Architecture: armel
[+] Building QEMU disk image...
[+] Setting up the network connection, please standby...
[+] Network interfaces: []
[+] All set! Press ENTER to run the firmware...
[+] When running, press Ctrl + A X to terminate qemu

y198nt commented 1 year ago

This is qemu.initial.serial.log:

[ 0.453858] [] (kset_register) from [] (class_register+0xa8/0x198)
[ 0.454376] [] (__class_register) from [] (class_create+0x40/0x70)
[ 0.454920] [] (class_create) from [] (register_devfs_stubs+0x314/0xbb4)
[ 0.456380] [] (register_devfs_stubs) from [] (init_module+0x28/0xa4)
[ 0.458865] [] (init_module) from [] (do_one_initcall+0x104/0x1b4)
[ 0.459881] [] (do_one_initcall) from [] (kernel_init_freeable+0xf0/0x1b0)
[ 0.461334] [] (kernel_init_freeable) from [] (kernel_init+0x8/0xe4)
[ 0.462386] [] (kernel_init) from [] (ret_from_fork+0x14/0x2c)
[ 0.463070] ---[ end trace 90832bdce137094d ]---
[ 0.463473] ------------[ cut here ]------------
[ 0.464013] WARNING: CPU: 0 PID: 1 at /mnt/data/sources/linux/lib/kobject.c:240 kobject_add_internal+0x240/0x2ac()
[ 0.464632] kobject_add_internal failed for gpio with -EEXIST, don't try to register things with the same name in the same directory.
[ 0.465353] Modules linked in:
[ 0.465647] CPU: 0 PID: 1 Comm: swapper Tainted: G W 4.1.17+ #10
[ 0.466113] Hardware name: Generic DT based system
[ 0.466445] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[ 0.466970] [] (show_stack) from [] (warn_slowpath_common+0x80/0xa8)
[ 0.467836] [] (warn_slowpath_common) from [] (warn_slowpath_fmt+0x2c/0x3c)
[ 0.468421] [] (warn_slowpath_fmt) from [] (kobject_add_internal+0x240/0x2ac)
[ 0.468975] [] (kobject_add_internal) from [] (kset_register+0x1c/0x44)
[ 0.469547] [] (kset_register) from [] (class_register+0xa8/0x198)
[ 0.470058] [] (class_register) from [] (__class_create+0x40/0x70)
[ 0.471252] [] (class_create) from [] (register_devfs_stubs+0x314/0xbb4)
[ 0.472025] [] (register_devfs_stubs) from [] (init_module+0x28/0xa4)
[ 0.472594] [] (init_module) from [] (do_one_initcall+0x104/0x1b4)
[ 0.473103] [] (do_one_initcall) from [] (kernel_init_freeable+0xf0/0x1b0)
[ 0.476476] [] (kernel_init_freeable) from [] (kernel_init+0x8/0xe4)
[ 0.477092] [] (kernel_init) from [] (ret_from_fork+0x14/0x2c)
[ 0.477606] ---[ end trace 90832bdce137094e ]---
[ 0.478024] firmadyne: Cannot create device class: gpio!
[ 0.480595] firmadyne: Cannot register character device: watchdog, 0xa, 0x82!
[ 0.481968] firmadyne: Cannot register character device: wdt, 0xfd, 0x0!
[ 0.586797] PCI host bridge /pcie@10000000 ranges:
[ 0.587730] IO 0x3eff0000..0x3effffff -> 0x00000000
[ 0.588289] MEM 0x10000000..0x3efeffff -> 0x10000000
[ 0.588648] MEM 0x8000000000..0xffffffffff -> 0x8000000000
[ 0.589709] pci-host-generic 4010000000.pcie: resource collision: [mem 0x00000000-0xffffffff] conflicts with /pl011@9000000 [mem 0x09000000-0x09000fff]
[ 0.593651] pci-host-generic: probe of 4010000000.pcie failed with error -16
[ 0.614916] Non-volatile memory driver v1.3
[ 0.655157] brd: module loaded
[ 0.677985] loop: module loaded
[ 0.699367] vda: vda1
[ 0.716753] 0.flash: Found 2 x16 devices at 0x0 in 32-bit bank. Manufacturer ID 0x000000 Chip ID 0x000000
[ 0.717793] Intel/Sharp Extended Query Table at 0x0031
[ 0.718987] Using buffer write method
[ 0.719896] erase region 0: offset=0x0,size=0x40000,blocks=256
[ 0.729623] 0.flash: Found 2 x16 devices at 0x0 in 32-bit bank. Manufacturer ID 0x000000 Chip ID 0x000000
[ 0.731213] Intel/Sharp Extended Query Table at 0x0031
[ 0.732563] Using buffer write method
[ 0.732951] erase region 0: offset=0x0,size=0x40000,blocks=256
[ 0.733383] Concatenating MTD devices:
[ 0.733650] (0): "0.flash"
[ 0.733840] (1): "0.flash"
[ 0.734017] into device "0.flash"
[ 0.767327] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.768834] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.769844] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.771947] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.773137] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.776454] [nandsim] warning: read_byte: unexpected data output cycle, state is STATE_READY return 0x0
[ 0.777647] nand: device found, Manufacturer ID: 0x98, Chip ID: 0x39
[ 0.778132] nand: Toshiba NAND 128MiB 1,8V 8-bit
[ 0.778776] nand: 128 MiB, SLC, erase size: 16 KiB, page size: 512, OOB size: 16
[ 0.781507] flash size: 128 MiB
[ 0.782100] page size: 512 bytes
[ 0.782592] OOB area size: 16 bytes
[ 0.783365] sector size: 16 KiB
[ 0.783845] pages number: 262144
[ 0.784355] pages per sector: 32
[ 0.784922] bus width: 8
[ 0.785320] bits in sector size: 14
[ 0.785818] bits in page size: 9
[ 0.786282] bits in OOB size: 4
[ 0.786912] flash size with OOB: 135168 KiB
[ 0.787936] page address bytes: 4
[ 0.788479] sector address bytes: 3
[ 0.788837] options: 0x42
[ 0.808005] Scanning device for bad blocks
[ 1.171820] firmadyne: do_execve: /firmadyne/console
[ 1.172326] OFFSETS: offset of pid: 0x190 offset of comm: 0x270
[ 1.173220] Creating 11 MTD partitions on "NAND 128MiB 1,8V 8-bit":
[ 1.173943] 0x000000000000-0x000000100000 : "NAND simulator partition 0"
[ 1.180012] 0x000000100000-0x000000200000 : "NAND simulator partition 1"
[ 1.182618] 0x000000200000-0x000000300000 : "NAND simulator partition 2"
[ 1.184692] 0x000000300000-0x000000400000 : "NAND simulator partition 3"
[ 1.186760] 0x000000400000-0x000000500000 : "NAND simulator partition 4"
[ 1.189012] 0x000000500000-0x000000600000 : "NAND simulator partition 5"
[ 1.191106] 0x000000600000-0x000000700000 : "NAND simulator partition 6"
[ 1.195474] 0x000000700000-0x000000800000 : "NAND simulator partition 7"
[ 1.198266] 0x000000800000-0x000000900000 : "NAND simulator partition 8"
[ 1.200682] 0x000000900000-0x000000a00000 : "NAND simulator partition 9"
[ 1.203388] 0x000000a00000-0x000008000000 : "NAND simulator partition 10"
[ 1.213636] tun: Universal TUN/TAP device driver, 1.6
[ 1.214015] tun: (C) 1999-2004 Max Krasnyansky maxk@qualcomm.com
[ 1.239843] PPP generic driver version 2.4.2
[ 1.241587] PPP BSD Compression module registered
[ 1.242043] PPP Deflate Compression module registered
[ 1.242526] PPP MPPE Compression module registered
[ 1.242942] NET: Registered protocol family 24
[ 1.243515] PPTP driver version 0.8.5
[ 1.251209] usbcore: registered new interface driver usb-storage
[ 1.257411] rtc-pl031 9010000.pl031: rtc core: registered pl031 as rtc0
[ 1.258746] hidraw: raw HID events driver (C) Jiri Kosina
[ 1.260022] usbcore: registered new interface driver usbhid
[ 1.262601] usbhid: USB HID core driver
[ 1.264223] Netfilter messages via NETLINK v0.30.
[ 1.266645] nf_conntrack version 0.5.0 (3943 buckets, 15772 max)
[ 1.268856] ctnetlink v0.93: registering with nfnetlink.
[ 1.271512] ipip: IPv4 over IPv4 tunneling driver
[ 1.274334] gre: GRE over IPv4 demultiplexor driver
[ 1.274707] ip_gre: GRE over IPv4 tunneling driver
[ 1.290520] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 1.296799] arp_tables: (C) 2002 David S. Miller
[ 1.299334] Initializing XFRM netlink socket
[ 1.300862] NET: Registered protocol family 10
[ 1.319462] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 1.322641] sit: IPv6 over IPv4 tunneling driver
[ 1.331757] NET: Registered protocol family 17
[ 1.333543] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
[ 1.334414] Bridge firewalling registered
[ 1.334762] Ebtables v2.0 registered
[ 1.339136] 8021q: 802.1Q VLAN Support v1.8
[ 1.340550] Registering SWP/SWPB emulation handler
[ 1.350594] rtc-pl031 9010000.pl031: setting system clock to 2023-03-17 07:45:53 UTC (1679039153)
[ 1.372348] EXT4-fs (vda1): couldn't mount as ext3 due to feature incompatibilities
[ 1.375355] EXT4-fs (vda1): mounting ext2 file system using the ext4 subsystem
[ 1.413948] EXT4-fs (vda1): mounted filesystem without journal. Opts: (null)
[ 1.416737] VFS: Mounted root (ext2 filesystem) on device 254:1.
[ 1.511723] Freeing unused kernel memory: 180K (c05c5000 - c05f2000)
FATAL: kernel too old
[ 1.675091] init (1): undefined instruction: pc=00010354
[ 1.677326] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 1.677891] Hardware name: Generic DT based system
[ 1.681814] task: cf813ac0 ti: cf822000 task.ti: cf822000
[ 1.682468] PC is at 0x10354
[ 1.682674] LR is at 0x76afc
[ 1.682940] pc : [<00010354>] lr : [<00076afc>] psr: 60030010
[ 1.682940] sp : be8afc30 ip : 00000000 fp : be8afd90
[ 1.683809] r10: 001186a0 r9 : 00000002 r8 : 00000001
[ 1.684169] r7 : b6f8c000 r6 : be8afd58 r5 : 011f8000 r4 : 0014f60c
[ 1.684568] r3 : 00000005 r2 : 00000000 r1 : be8afb20 r0 : 00000000
[ 1.685097] Flags: nZCv IRQs on FIQs on Mode USER_32 ISA ARM Segment user
[ 1.685530] Control: 10c5387d Table: 4e9c4059 DAC: 00000015
[ 1.686545] Code: e3530004 1a000002 e3a03005 e584300c (e7f000f0)
[ 1.687861] potentially unexpected fatal signal 4.
[ 1.688249] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 1.688684] Hardware name: Generic DT based system
[ 1.689026] task: cf813ac0 ti: cf822000 task.ti: cf822000
[ 1.689357] PC is at 0x10354
[ 1.689542] LR is at 0x76afc
[ 1.689735] pc : [<00010354>] lr : [<00076afc>] psr: 60030010
[ 1.689735] sp : be8afc30 ip : 00000000 fp : be8afd90
[ 1.690437] r10: 001186a0 r9 : 00000002 r8 : 00000001
[ 1.690755] r7 : b6f8c000 r6 : be8afd58 r5 : 011f8000 r4 : 0014f60c
[ 1.691668] r3 : 00000005 r2 : 00000000 r1 : be8afb20 r0 : 00000000
[ 1.692243] Flags: nZCv IRQs on FIQs on Mode USER_32 ISA ARM Segment user
[ 1.692677] Control: 10c5387d Table: 4e9c4059 DAC: 00000015
[ 1.693109] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 1.693519] Hardware name: Generic DT based system
[ 1.695738] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[ 1.697150] [] (show_stack) from [] (get_signal+0x41c/0x47c)
[ 1.697864] [] (get_signal) from [] (do_signal+0x8c/0x35c)
[ 1.698446] [] (do_signal) from [] (do_work_pending+0x54/0xac)
[ 1.698990] [] (do_work_pending) from [] (work_pending+0xc/0x20)
[ 1.714367] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004
[ 1.714367]
[ 1.715441] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 1.715919] Hardware name: Generic DT based system
[ 1.716272] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[ 1.716800] [] (show_stack) from [] (panic+0x70/0x1c8)
[ 1.717243] [] (panic) from [] (do_exit+0x3c0/0x774)
[ 1.717669] [] (do_exit) from [] (do_group_exit+0x48/0xa8)
[ 1.718161] [] (do_group_exit) from [] (get_signal+0x42c/0x47c)
[ 1.718644] [] (get_signal) from [] (do_signal+0x8c/0x35c)
[ 1.719604] [] (do_signal) from [] (do_work_pending+0x54/0xac)
[ 1.720153] [] (do_work_pending) from [] (work_pending+0xc/0x20)
[ 1.721588] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004
[ 1.721588]

y198nt commented 1 year ago

And I don't know why it ends with [ 1.721588] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004. Normally when I use fat on a .bin file, it always works successfully without any error, but when using fat for a Netgear router, there are a lot of errors.

extremecoders-re commented 1 year ago

Yes it crashes with a kernel panic and that's why no network interfaces are detected. There is no generalized way to solve such issues. This will need more research to identify the reason for the panic.

The reason for the crash might be due to an invalid instruction.

FATAL: kernel too old
[ 1.675091] init (1): undefined instruction: pc=00010354

y198nt commented 1 year ago

FATAL: kernel too old
[ 0.832054] init (1): undefined instruction: pc=00010354
[ 0.835649] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 0.838057] Hardware name: Generic DT based system
[ 0.838791] task: cf813ac0 ti: cf822000 task.ti: cf822000
[ 0.841657] PC is at 0x10354
[ 0.844627] LR is at 0x76afc
[ 0.846653] pc : [<00010354>] lr : [<00076afc>] psr: 60030010
[ 0.846653] sp : bea03c30 ip : 00000000 fp : bea03d90
[ 0.853298] r10: 001186a0 r9 : 00000002 r8 : 00000001
[ 0.854732] r7 : b6fca000 r6 : bea03d58 r5 : 00aff000 r4 : 0014f60c
[ 0.854883] r3 : 00000005 r2 : 00000000 r1 : bea03b20 r0 : 00000000
[ 0.856218] Flags: nZCv IRQs on FIQs on Mode USER_32 ISA ARM Segment user
[ 0.857720] Control: 10c5387d Table: 4ea64059 DAC: 00000015
[ 0.858753] Code: e3530004 1a000002 e3a03005 e584300c (e7f000f0)
[ 0.861320] potentially unexpected fatal signal 4.
[ 0.864227] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 0.864355] Hardware name: Generic DT based system
[ 0.864445] task: cf813ac0 ti: cf822000 task.ti: cf822000
[ 0.864710] PC is at 0x10354
[ 0.866212] LR is at 0x76afc
[ 0.867395] pc : [<00010354>] lr : [<00076afc>] psr: 60030010
[ 0.867395] sp : bea03c30 ip : 00000000 fp : bea03d90
[ 0.867961] r10: 001186a0 r9 : 00000002 r8 : 00000001
[ 0.868117] r7 : b6fca000 r6 : bea03d58 r5 : 00aff000 r4 : 0014f60c
[ 0.871191] r3 : 00000005 r2 : 00000000 r1 : bea03b20 r0 : 00000000
[ 0.873053] Flags: nZCv IRQs on FIQs on Mode USER_32 ISA ARM Segment user
[ 0.873830] Control: 10c5387d Table: 4ea64059 DAC: 00000015
[ 0.874562] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 0.875103] Hardware name: Generic DT based system
[ 0.877357] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[ 0.883679] [] (show_stack) from [] (get_signal+0x41c/0x47c)
[ 0.884918] [] (get_signal) from [] (do_signal+0x8c/0x35c)
[ 0.885866] [] (do_signal) from [] (do_work_pending+0x54/0xac)
[ 0.886743] [] (do_work_pending) from [] (work_pending+0xc/0x20)
[ 0.900455] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004
[ 0.900455]
[ 0.904947] CPU: 0 PID: 1 Comm: init Tainted: G W 4.1.17+ #10
[ 0.908241] Hardware name: Generic DT based system
[ 0.914382] [] (unwind_backtrace) from [] (show_stack+0x10/0x14)
[ 0.914833] [] (show_stack) from [] (panic+0x70/0x1c8)
[ 0.915003] [] (panic) from [] (do_exit+0x3c0/0x774)
[ 0.916071] [] (do_exit) from [] (do_group_exit+0x48/0xa8)
[ 0.916268] [] (do_group_exit) from [] (get_signal+0x42c/0x47c)
[ 0.916410] [] (get_signal) from [] (do_signal+0x8c/0x35c)
[ 0.918039] [] (do_signal) from [] (do_work_pending+0x54/0xac)
[ 0.918967] [] (do_work_pending) from [] (work_pending+0xc/0x20)
[ 0.919732] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004
[ 0.919732]
QEMU: Terminated

I still don't know why it keeps saying KERNEL TOO OLD although I've installed kernel 6.0.0-060000-generic version.

extremecoders-re commented 1 year ago

> I still don't know why it keeps saying KERNEL TOO OLD although I've install kernel 6.0.0-060000-generic version

The error message is about the firmadyne kernel. Not the kernel on the host OS. In addition I would also suggest looking at the address 00010354. The instruction at that address is tripping qemu.
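Added example, not part of the thread and not code from fat or firmadyne: a small Python triage of the panic lines posted above. It reads the faulting PC, decodes the CPU mode from `psr`, classifies the parenthesised word in the `Code:` line (the instruction at the faulting PC), and extracts the signal from the panic exit code. The function names `classify_a32` and `triage` are made up for this sketch.

```python
import re

# Excerpt of the qemu.initial.serial.log posted in this thread (timestamps as posted).
SAMPLE_LOG = """\
[ 1.511723] Freeing unused kernel memory: 180K (c05c5000 - c05f2000)
FATAL: kernel too old
[ 1.675091] init (1): undefined instruction: pc=00010354
[ 1.682940] pc : [<00010354>] lr : [<00076afc>] psr: 60030010
[ 1.686545] Code: e3530004 1a000002 e3a03005 e584300c (e7f000f0)
[ 1.687861] potentially unexpected fatal signal 4.
[ 1.714367] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004
"""


def classify_a32(word):
    """Recognise the A32 UDF encoding; anything else needs a real disassembler."""
    if word & 0xFFF000F0 == 0xE7F000F0:
        imm16 = ((word >> 4) & 0xFFF0) | (word & 0xF)  # imm12:imm4
        return f"UDF #{imm16}"
    return "unclassified"


def triage(log):
    """Pull the facts needed to localise an ARM undefined-instruction panic."""
    out = {"libc_kernel_check_failed": "FATAL: kernel too old" in log}
    m = re.search(r"(\S+) \((\d+)\): undefined instruction: pc=([0-9a-f]{8})", log)
    if m:
        out.update(comm=m.group(1), pid=int(m.group(2)), pc=int(m.group(3), 16))
    m = re.search(r"psr: ([0-9a-f]{8})", log)
    if m:
        psr = int(m.group(1), 16)
        out["user_mode"] = (psr & 0x1F) == 0x10  # CPSR.M = 0b10000: User mode
        out["thumb"] = bool(psr & 0x20)          # CPSR.T set: Thumb state
    # The kernel puts the word at the faulting PC in parentheses on the "Code:" line.
    m = re.search(r"Code: [0-9a-f ]*\(([0-9a-f]{8})\)", log)
    if m and not out.get("thumb"):
        out["insn"] = int(m.group(1), 16)
        out["decoded"] = classify_a32(out["insn"])
    m = re.search(r"Attempted to kill init! exitcode=0x([0-9a-f]+)", log)
    if m:
        out["signal"] = int(m.group(1), 16) & 0x7F  # low 7 bits of the wait status
    return out


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the posted log this reports PID 1 (`init`) faulting in User mode, ARM state, on the word `e7f000f0`, which is the permanently undefined `UDF #0` encoding, and signal 4 (SIGILL) as the reason init died.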

y198nt commented 1 year ago

Where is the kernel file which contains the 00010354 address?

extremecoders-re commented 1 year ago

> where is the kernel file which contain 00010354 address

zImage.armel in https://github.com/firmadyne/kernel-v4.1/releases/tag/v1.1
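Added example, not part of the thread and not code from fat or firmadyne: glibc prints `FATAL: kernel too old` when the running kernel is older than the minimum version the C library was built for, and that minimum is recorded in the ELF `NT_GNU_ABI_TAG` note of glibc-linked binaries. The Python sketch below reads that note from an ELF file and compares it with the 4.1.17 guest kernel shown in the serial log. The function names and the minimal sample ELF are constructed for illustration; the RAX30's real minimum is not stated in this thread.

```python
import struct

PT_NOTE = 4
NT_GNU_ABI_TAG = 1
FIRMADYNE_KERNEL = (4, 1, 17)  # guest kernel version in the serial log ("4.1.17+")


def min_kernel_from_elf(data):
    """Return (major, minor, patch) from the GNU ABI-tag note, or None if absent."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2
    end = "<" if data[5] == 1 else ">"
    if is64:
        e_phoff, = struct.unpack_from(end + "Q", data, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
    else:
        e_phoff, = struct.unpack_from(end + "I", data, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
    for i in range(e_phnum):
        ph = e_phoff + i * e_phentsize
        p_type, = struct.unpack_from(end + "I", data, ph)
        if p_type != PT_NOTE:
            continue
        if is64:
            p_offset, = struct.unpack_from(end + "Q", data, ph + 0x08)
            p_filesz, = struct.unpack_from(end + "Q", data, ph + 0x20)
        else:
            p_offset, = struct.unpack_from(end + "I", data, ph + 0x04)
            p_filesz, = struct.unpack_from(end + "I", data, ph + 0x10)
        pos, stop = p_offset, p_offset + p_filesz
        while pos + 12 <= stop:  # walk the notes in this segment
            namesz, descsz, ntype = struct.unpack_from(end + "III", data, pos)
            name = data[pos + 12: pos + 12 + namesz]
            desc_off = pos + 12 + ((namesz + 3) & ~3)
            if name == b"GNU\0" and ntype == NT_GNU_ABI_TAG and descsz >= 16:
                os_id, major, minor, patch = struct.unpack_from(end + "IIII", data, desc_off)
                if os_id == 0:  # 0 = Linux
                    return (major, minor, patch)
            pos = desc_off + ((descsz + 3) & ~3)
    return None


def boots_under(min_kernel, running=FIRMADYNE_KERNEL):
    """False when glibc would refuse to start because running < min_kernel."""
    return min_kernel is None or running >= min_kernel


def build_sample_elf(min_kernel):
    """Constructed input: a minimal little-endian ELF32 ARM file with one PT_NOTE."""
    note = struct.pack("<III4sIIII", 4, 16, NT_GNU_ABI_TAG, b"GNU\0", 0, *min_kernel)
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01" + bytes(9),
                       2, 40, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_NOTE, 84, 0, 0, len(note), len(note), 4, 4)
    return ehdr + phdr + note


if __name__ == "__main__":
    need = min_kernel_from_elf(build_sample_elf((4, 19, 0)))  # constructed value
    print("binary needs >=", need, "boots under 4.1.17:", boots_under(need))
```

Run against `sbin/init` or the C library from the extracted root filesystem, a result newer than 4.1.17 means the binary will abort at startup under the firmadyne kernel regardless of the host kernel version.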

sdahiasdba commented 6 months ago

┌──(ayman㉿kali)-[~/Downloads/firmware-analysis-toolkit/firmadyne]
└─$ sudo ./fat.py Gaw5.6T02-4-DL-R1B020-ME.EN_upgrade(0322113411).en_upgrade

                           __           _
                          / _|         | |
                         | |_    __ _  | |_
                         |  _|  / _` | | __|
                         | |   | (_| | | |_
                         |_|    \__,_|  \__|

            Welcome to the Firmware Analysis Toolkit - v0.3
Offensive IoT Exploitation Training http://bit.do/offensiveiotexploitation
              By Attify - https://attify.com  | @attifyme

[+] Firmware: Gaw5.6T02-4-DL-R1B020-ME.EN_upgrade(0322113411).en_upgrade
[+] Extracting the firmware...
Traceback (most recent call last):
  File "/home/ayman/Downloads/firmware-analysis-toolkit/firmadyne/./fat.py", line 172, in <module>
    main()
  File "/home/ayman/Downloads/firmware-analysis-toolkit/firmadyne/./fat.py", line 160, in main
    image_id = run_extractor(args.firm_path)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/ayman/Downloads/firmware-analysis-toolkit/firmadyne/./fat.py", line 54, in run_extractor
    child.expect_exact("Tag: ")
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 432, in expect_exact
    return exp.expect_loop(timeout)
           ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 179, in expect_loop
    return self.eof(e)
           ^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 122, in eof
    raise exc
pexpect.exceptions.EOF: End Of File (EOF). Exception style platform.
<pexpect.pty_spawn.spawn object at 0x7fd3f235c050>
command: /usr/bin/sudo
args: ['/usr/bin/sudo', '--', '/home/ayman/Downloads/firmware-analysis-toolkit/sources/extractor/extractor.py', '-np', '-nk', 'Gaw5.6T02-4-DL-R1B020-ME.EN_upgrade(0322113411).en_upgrade', '/home/ayman/Downloads/firmware-analysis-toolkit/images']
buffer (last 100 chars): b''
before (last 100 chars): b'ayman/Downloads/firmware-analysis-toolkit/sources/extractor/extractor.py: command not found\r\nayman\r\n'
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: 1
flag_eof: True
pid: 19646
child_fd: 5
closed: False
timeout: None
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_string:
    0: b'Tag: '

help please

extremecoders-re commented 6 months ago

@sdahiasdba Please create a new issue with a link to the firmware. In general, not all firmware will work right out of the box. Here it fails right on the extraction step, so the issue should be in the extraction part.

sdahiasdba commented 6 months ago

The firmware that was used is http://www.downloads.netgear.com/files/GDC/WNAP320/WNAP320%20Firmware%20Version%202.0.3.zip and it has been extracted previously using the binwalk tool.