The repacked image cannot pass the checksum verification.

nccgroup / asafw

Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]

BSD 3-Clause "New" or "Revised" License

96 stars 29 forks source link

The repacked image cannot pass the checksum verification. #7

Closed chunibalon closed 5 years ago

chunibalon commented 5 years ago

I used the "./unpack_repack_bin.sh -i asa924-k8.bin -f -g" command to repack an ASA image but this image cannot use by the ASA. I used the both the ASDM and CLI command to upload the image but got the same error. Would you please tell me some suggestions? This is the error information: sumval(0x7688) chksum(0x 0)md5(0x627f79f7 0xef30d361 0xdc06d033 0x47d62959) md5(0x4f5398c1 0xfeefb16a 0x9380fe65 0x44370bc5) Checksum verification on new image failed

cq674350529 commented 5 years ago

@chunibalon You can't upload the modified firmware to device through ASDM or CLI direclty, for there is a firmware integrity check procedure inside the devide. The modified firmware won't pass that. So you got the error. Instead, you can drop the modified firmware into CF card. There is no integrity check to the firmwares inside the CF card.

chunibalon commented 5 years ago

@cq674350529 OK, I got it, thank you.

cq674350529 commented 5 years ago

@chunibalon Also, you can try this method: upload the modified firmware via TFTP from the ROMMON interface. I just got it from this blog yesterday. I am not sure if it works or not, for I don't have a try.