Alfred326
commented
2 years ago 如果大佬能够抽时间回答一下的话,感激不敬 多谢
Closed Alfred326 closed 2 years ago
Alfred326
commented
2 years ago 如果大佬能够抽时间回答一下的话,感激不敬 多谢
liyansong2018
commented
2 years ago 这是在解包的时候出现的问题,请看主页上的说明,确认是否在固件的根文件系统下重新打包的
tar -czvf test.tar.gz * # 一定要在固件文件系统的根目录下重新打包不用那么客气,有问题可以随时交流的,只是有时候回复没有那么及时。
wx7777
commented
2 years ago 你好,我运行./fat.py -q ./2.5.0/ ./testcases/wnap320_V3.7.11.4_firmware.tar时,出现以下情况:
[+] Firmware: wnap320_V3.7.11.4_firmware.tar [+] Extracting the firmware... Traceback (most recent call last): File "/home/wang/firmware-analysis-plus/./fat.py", line 182, in main() File "/home/wang/firmware-analysis-plus/./fat.py", line 170, in main image_id = run_extractor(args.firm_path, args.binwalk) File "/home/wang/firmware-analysis-plus/./fat.py", line 54, in run_extractor child.expect_exact("Tag: ") File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 421, in expect_exact return exp.expect_loop(timeout) File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 179, in expect_loop return self.eof(e) File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 122, in eof raise exc pexpect.exceptions.EOF: End Of File (EOF). Exception style platform. <pexpect.pty_spawn.spawn object at 0x7f492d9a3ca0> command: /usr/bin/python3 args: ['/usr/bin/python3', '/home/wang/firmware-analysis-plus/firmadyne/sources/extractor/extractor.py', '-np', '-nk', './testcases/wnap320_V3.7.11.4_firmware.tar', '/home/wang/firmware-analysis-plus/firmadyne/images'] buffer (last 100 chars): b'' before (last 100 chars): b"de)\r\nFileExistsError: [Errno 17] File exists: '/home/wang/firmware-analysis-plus/firmadyne/images'\r\n" after: <class 'pexpect.exceptions.EOF'> match: None match_index: None exitstatus: None flag_eof: True pid: 23917 child_fd: 5 closed: False timeout: None delimiter: <class 'pexpect.exceptions.EOF'> logfile: None logfile_read: None logfile_send: None maxread: 2000 ignorecase: False searchwindowsize: None delaybeforesend: 0.05 delayafterclose: 0.1 delayafterterminate: 0.1 searcher: searcher_string: 0: b'Tag: '
尝试运行不使用binwalk接口时,出现以下内容:
[+] Firmware: test.tar.gz [+] Extracting the firmware... [+] Cleaning previous images and created files by firmadyne [+] All done. Go ahead and run fat.py to continue firmware analysis mv: 访问 '/home/wang/firmware-analysis-plus/firmadyne/images/1.tar.gz' 失败: 不是目录 [+] Image ID: 1 [+] Identifying architecture... [+] Architecture: /home/wang/firmware-analysis-plus/firmadyne/images/1.tar.gz:无法 open: 不是目录 [+] Building QEMU disk image... [+] Setting up the network connection, please standby... Traceback (most recent call last): File "/home/wang/firmware-analysis-plus/./fat.py", line 182, in main() File "/home/wang/firmware-analysis-plus/./fat.py", line 177, in main infer_network(arch, image_id, qemu_dir) File "/home/wang/firmware-analysis-plus/./fat.py", line 122, in infer_network child.expect_exact("Interfaces:", timeout=None) File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 421, in expect_exact return exp.expect_loop(timeout) File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 179, in expect_loop return self.eof(e) File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 122, in eof raise exc pexpect.exceptions.EOF: End Of File (EOF). Exception style platform. <pexpect.pty_spawn.spawn object at 0x7ff0c3d21b50> command: /home/wang/firmware-analysis-plus/firmadyne/scripts/inferNetwork.sh args: ['/home/wang/firmware-analysis-plus/firmadyne/scripts/inferNetwork.sh', '1', '/home/wang/firmware-analysis-plus/firmadyne/images/1.tar.gz:无法 open: 不是目录'] buffer (last 100 chars): b'' before (last 100 chars): b'Error: Invalid architecture!\r\n' after: <class 'pexpect.exceptions.EOF'> match: None match_index: None exitstatus: 1 flag_eof: True pid: 23955 child_fd: 5 closed: False timeout: 30 delimiter: <class 'pexpect.exceptions.EOF'> logfile: None logfile_read: None logfile_send: None maxread: 2000 ignorecase: False searchwindowsize: None delaybeforesend: 0.05 delayafterclose: 0.1 delayafterterminate: 0.1 searcher: searcher_string: 0: b'Interfaces:'
请问大佬这种情况该如何处理,感激不尽! 我的test.tar.gz和wnap320_V3.7.11.4_firmware.tar都在/home/wang/firmware-analysis-plus/testcases/目录下
liyansong2018
commented
2 years ago 抱歉,这看起来似乎是一个bug,我正在修复
wx7777
commented
2 years ago 抱歉,这看起来似乎是一个bug,我正在修复
非常感谢,请问我需要重新下载安装么?
liyansong2018
commented
2 years ago 不用,你可以直接复制项目已经更新的 fat.py 代码到本地。
liyansong2018
commented
2 years ago 抱歉,这看起来似乎是一个bug,我正在修复
非常感谢,请问我需要重新下载安装么?
你可能还需要手动删除这个bug生成的 firmadyne/images 文件(如果重新下载项目应该不需要这一步)
wx7777
commented
2 years ago 抱歉,这看起来似乎是一个bug,我正在修复
非常感谢,请问我需要重新下载安装么?
你可能还需要手动删除这个bug生成的
firmadyne/images文件(如果重新下载项目应该不需要这一步)
[+] Firmware: test.tar.gz
[+] Extracting the firmware...
[+] Cleaning previous images and created files by firmadyne
[+] All done. Go ahead and run fat.py to continue firmware analysis
[+] Image ID: 1
[+] Identifying architecture...
Traceback (most recent call last):
File "/home/wang/firmware-analysis-plus/./fat.py", line 184, in
liyansong2018
commented
2 years ago 无binwalk模式产生的bug已经修复了,你这个错误可能是某些步骤出现了问题,生成了错误的中间文件,这是无binwalk模式的一个缺陷。重新运行几次 reset.py 或者重新运行fat.py ... -b 0 ... 也许可以解决这个问题
Alfred326
commented
2 years ago 这是在解包的时候出现的问题,请看主页上的说明,确认是否在固件的根文件系统下重新打包的
tar -czvf test.tar.gz * # 一定要在固件文件系统的根目录下重新打包不用那么客气,有问题可以随时交流的,只是有时候回复没有那么及时。
大佬,我是直接在目录中解压出来固件的文件,然后在固件文件的目录打包的,一共五个,然后剪切到testcase的目录里面运行的模式。还是报这个错误,并且按照您的实验指导重新安装了kali2020.4的版本,但是在文件提取那一步报错失败,binwalk已经安装了您提供的这个binwalk,但是目前还是爆出上述错误。
liyansong2018
commented
2 years ago 对于无binwalk模式
-b 0 模式的一个 bug,之前已修复,我测试过 firmware-analysis-plus 2.1 提供的固件 TL_WR802N_debug.tar.gz,没有问题,你可以试试这个固件。(至于你说的这个问题,我正在测试项目自带的固件,期待能解决这个问题)
对于已源码编译安装binwalk的方式 没有其他人提出有问题,不知道是不是你编译的时候出了问题。
liyansong2018
commented
2 years ago @Alfred326 @wx7777
你们这个错误我已经分析出来了原因,这是由于你们对固件解包不充分导致的,没有使用递归模式,testcases 目录下提供的固件,如果只是用 tar 命令解压,其实解压了一层,固件的文件系统仍然处于打包的状态。
针对 -b 0 模式下的 firmware-analysis-plus,解包固件时,请使用以下命令
binwalk -Me 目标固件(-M参数可以递归解压所有文件)另外,注意理解根文件系统 :)
testcases/_rootfs.squashfs.extracted/squashfs-root/另外,虽然没有测试过 firmware-analysis-plus 在更高版本kali上的兼容性,应该也兼容最新版本。
如果还有问题,可以继续提出来,如果问题解决了,可以关闭这个 issue
[+] Identifying architecture... Traceback (most recent call last): File "/home/kali/firmware-analysis-plus-master/./fat.py", line 182, in
main()
File "/home/kali/firmware-analysis-plus-master/./fat.py", line 175, in main
arch = identify_arch(image_id)
File "/home/kali/firmware-analysis-plus-master/./fat.py", line 93, in identify_arch
child.expect_exact(":")
File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 421, in expect_exact
return exp.expect_loop(timeout)
File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 179, in expect_loop
return self.eof(e)
File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 122, in eof
raise exc
pexpect.exceptions.EOF: End Of File (EOF). Exception style platform.
<pexpect.pty_spawn.spawn object at 0x7fa2282f6d90>
command: /home/kali/firmware-analysis-plus-master/firmadyne/scripts/getArch.sh
args: ['/home/kali/firmware-analysis-plus-master/firmadyne/scripts/getArch.sh', '/home/kali/firmware-analysis-plus-master/firmadyne/images/1.tar.gz']
buffer (last 100 chars): b''
before (last 100 chars): ''
after: <class 'pexpect.exceptions.EOF'>
match: None
match_index: None
exitstatus: None
flag_eof: True
pid: 1688
child_fd: 5
closed: False
timeout: 30
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: None
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_string:
0: b':'