search

nccgroup / asafw

Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]
BSD 3-Clause "New" or "Revised" License
96 stars 29 forks source link

lina : aaa_admin_authenticate #13

Open lvalero opened 5 years ago

lvalero commented 5 years ago

Hello,

what that message

[lina] Error: can't find aaa_admin_authenticate, you need to add symbol with asafw first

relates to ?

Regards

saidelike commented 5 years ago

aaa_admin_authenticate is a symbol of lina that you need to have defined in the asadb.json for lina.py to be able to patch lina. It is because we use this address to store our own code to store the debug shell.

You can define it manually after reversing your lina or use https://github.com/nccgroup/idahunt to automate finding it.

You may be interested in the following IDA Python scripts: https://github.com/nccgroup/asadbg/blob/master/asadbg_rename.py and https://github.com/nccgroup/asadbg/blob/master/asadbg_hunt.py that will respectively define aaa_admin_authenticate and update your asadb.json for your version of lina.

cq674350529 commented 5 years ago

Additionally, there are some instructions in tutorial.md.