search

pr0v3rbs / FirmAE

Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis
MIT License
603 stars 117 forks source link

Binwalk corrupts symlinks #39

Closed alexsantee closed 1 year ago

alexsantee commented 2 years ago

I've installed FirmAE on a Linux Mint 20.1 which already had binwalk installed. I've used the build.sh and install.sh scripts, but I'm not sure if FirmAE is using the system's Binwalk or if it's using another.

At extraction binwalk shows this warning message of converting an external symlink to /dev/null, which I think is bad for the emulation:

WARNING: Symlink points outside of the extraction directory: /tmp/tmpbeeef6ux/_openwrt-21.02.1-ramips-mt76x8-tplink_tl-wr840n-v4-squashfs-sysupgrade.bin.extracted/squashfs-root/sbin/modinfo -> /usr/sbin/kmodloader; changing link target to /dev/null for security purposes.

In a chroot or emulated environment this security risk shouldn't apply

Currently I'm using the --preserve-symlinks flag for binwalk at the extractor script

pr0v3rbs commented 2 years ago

Sorry for the late.

Currently, because of some issues, FirmAE uses Binwalk with 2.3.1. version. (https://github.com/pr0v3rbs/FirmAE/pull/36#issuecomment-962585681)

It needs to be changed some codes with your advice. I will check soon, thanks!

pr0v3rbs commented 1 year ago

This issue was fixed in 6911f56