IOT
4 years ago by blackhat in Plain Text
file netgear.bin --> identify the container first (vendor header, uImage, plain squashfs, tar, ...)
binwalk netgear.bin --> scan for embedded signatures (headers, compressed blobs, file systems) and their offsets
binwalk -e netgear.bin --> extract the binary; output lands in _netgear.bin.extracted/ and each carved file is named after its decimal offset
tar xvf 30 --> if an extracted file (here the one carved at offset 30) is a tar archive
hexdump dlink.bin
hexdump -C dlink.bin --> hex and ASCII side by side; the first check when binwalk finds no signatures (the image may be encrypted or just an unknown format)
binwalk -E dlink.bin --> entropy plot; a flat curve near 8 bits/byte over the whole image means compression or real encryption, while a repeating-key XOR leaves the entropy low
strings dlink.bin --> printable strings: paths, version banners, URLs, hardcoded credentials
Regex for IPv4 addresses --->
\b[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\b
Information gathering using egrep (-o prints only the match, -r recurses into the extracted tree, -a treats binary files as text; -E is already implied by egrep)
egrep -r -o -a "\b[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\b" _netgear.bin.extracted/ | sort -u
--> the pattern also matches version strings such as 1.2.3.4 and octets above 255, so check what each hit actually is
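The strings and regex steps above, done in one place as an added example (not code from the original note): a minimal strings(1) equivalent plus the note's IPv4 pattern with the octet-range check the bare regex lacks. The firmware blob is constructed inline for the demo; it is not a real vendor image.

```python
import re

# The note's IPv4 pattern, as a bytes regex so it runs over the raw image, not only over strings output
IPV4_RE = re.compile(rb"\b[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\b")


def strings(data: bytes, min_len: int = 4) -> list:
    """Minimal equivalent of `strings -a -n 4`: runs of printable ASCII at least min_len long."""
    return [m.group() for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]


def extract_ipv4(data: bytes) -> list:
    """Dotted quads in order of first appearance, de-duplicated.

    The bare regex accepts 256.1.1.1 (three digits per octet, no range check), and a
    version string such as 2.1.0.7 looks exactly like an address. The octet check
    removes the first problem; the second still needs a human reading the context.
    """
    found = []
    for m in IPV4_RE.finditer(data):
        cand = m.group().decode("ascii")
        if all(int(o) <= 255 for o in cand.split(".")) and cand not in found:
            found.append(cand)
    return found


# Constructed stand-in for a firmware image (not a real vendor file): an ELF-looking header,
# some binary noise, and a few config strings, one of them with an impossible octet
SAMPLE = (
    b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 8
    + b"ntp.server=192.168.0.1\x00" + b"\xde\xad"
    + b"version=2.1.0.7\x00"
    + b"dns=8.8.8.8;bad=256.1.1.1\x00"
)

if __name__ == "__main__":
    for s in strings(SAMPLE):
        print(s.decode("ascii"))
    print(extract_ipv4(SAMPLE))  # ['192.168.0.1', '2.1.0.7', '8.8.8.8']
```

Run it against a real extraction tree by replacing SAMPLE with the bytes of each carved file; the version string 2.1.0.7 survives the filter on purpose, which is the point of the caveat above.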
Encrypted firmware
hexdump -C giga.bin --> hardcoded XOR key recovery: with a repeating-key XOR every zero-padded region of the image turns into the key repeated over and over, so a long repeating pattern in the dump (in this note's sample it showed up as a repeating "dz.." pattern in the ASCII column) is the key itself; 0xFF erase padding gives the complement of the key instead
hexdump -C giga.bin | grep -i hsqs --> look for the squashfs superblock magic ("hsqs" little-endian, "sqsh" big-endian); no hit in the raw image but a hit after decryption confirms the key
To extract encrypted firmware
cat giga.bin | python decryptor.py > decryptedfirmware.bin --> decryptor.py is the XOR script written for this image with the key from the hexdump step, not a stock tool
binwalk -e decryptedfirmware.bin
unsquashfs ess_apps.sqsh --> to extract a squashfs file system (needs squashfs-tools; output goes to squashfs-root/)
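What the hexdump, grep hsqs and decryptor.py steps above do, and the binwalk -E entropy check from the dlink section, as one added example (my code, not the note's decryptor.py): recover a repeating XOR key from the padded regions of an image, handle the 0xFF erase-pad case where the pattern is the complement of the key, and confirm the result with the squashfs magic. The encrypted image and the 4-byte key are constructed inline for the demo and are not from any real device.

```python
import math
from collections import Counter

SQUASHFS_MAGIC = b"hsqs"  # little-endian squashfs superblock magic, what `grep -i hsqs` looks for


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for a constant block, 8.0 for uniform random bytes (what `binwalk -E` plots per block)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def entropy_profile(data: bytes, block: int = 1024) -> list:
    return [shannon_entropy(data[i:i + block]) for i in range(0, len(data), block)]


def find_magic(data: bytes, magic: bytes = SQUASHFS_MAGIC) -> list:
    """Every offset of `magic` in the blob (the `hexdump -C | grep -i hsqs` check, exact instead of line-based)."""
    offsets, pos = [], data.find(magic)
    while pos != -1:
        offsets.append(pos)
        pos = data.find(magic, pos + 1)
    return offsets


def xor_bytes(data: bytes, key: bytes) -> bytes:
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def find_repeating_run(data: bytes, max_period: int = 32, min_run: int = 64):
    """Smallest period p such that data[i] == data[i + p] holds over at least min_run consecutive bytes.

    A 0x00- or 0xFF-padded region XORed with a repeating key is exactly such a run, and its
    period is the key length. Returns (period, run_start, run_length) or None.
    """
    for p in range(1, max_period + 1):
        best_len, best_start, run_start = 0, 0, 0
        for i in range(len(data) - p):
            if data[i] != data[i + p]:
                run_start = i + 1
                continue
            if i + 1 - run_start > best_len:
                best_len, best_start = i + 1 - run_start, run_start
        if best_len >= min_run:
            return p, best_start, best_len
    return None


def recover_xor_key(data: bytes, period: int, start: int) -> bytes:
    """Inside the run, ciphertext[j] == pad ^ key[j % period]; re-align so the key starts at image offset 0."""
    return bytes(data[start + ((m - start) % period)] for m in range(period))


def decrypt_xor_firmware(data: bytes, magic: bytes = SQUASHFS_MAGIC):
    """Recover the key from the padding pattern and decrypt; returns (key, plaintext)."""
    hit = find_repeating_run(data)
    if hit is None:
        raise ValueError("no repeating pattern found; this is probably not a repeating-key XOR")
    period, start, _ = hit
    key = recover_xor_key(data, period, start)
    # 0x00 padding yields the key itself, 0xFF (erased flash) padding yields its complement:
    # try both and keep whichever exposes the file-system magic.
    for candidate in (key, bytes(b ^ 0xFF for b in key)):
        plain = xor_bytes(data, candidate)
        if find_magic(plain, magic):
            return candidate, plain
    raise ValueError("repeating pattern found but neither key variant exposes %r" % magic)


# Constructed stand-in for an encrypted image (not a real vendor file): squashfs magic, some
# superblock-like bytes and a few strings, an 0xFF erase-pad gap, more data, then 0x00 padding.
# The assumed 4-byte key starts with two printable bytes so the padded regions show up in
# `hexdump -C` as the repeating "dz.." pattern the note describes.
KEY = bytes([0x64, 0x7A, 0x1B, 0xC3])
PLAINTEXT = (
    SQUASHFS_MAGIC + bytes(range(4, 96))
    + b"/bin/busybox\x00ess_apps.sqsh\x00"
    + b"\xff" * 8192
    + b"telnetd -l /bin/sh\x00"
    + b"\x00" * 4096
)
ENCRYPTED = xor_bytes(PLAINTEXT, KEY)

if __name__ == "__main__":
    print("magic in raw image:", find_magic(ENCRYPTED))
    print("period/start/len:", find_repeating_run(ENCRYPTED))
    key, plain = decrypt_xor_firmware(ENCRYPTED)
    print("key:", key.hex(), "magic at:", find_magic(plain))
    print("entropy of the padded region:", round(shannon_entropy(ENCRYPTED[1024:2048]), 2))
```

Two things worth noticing when running it: the longest repeating run in this sample is the 0xFF gap, so the first key candidate is the complement and only the second one exposes "hsqs"; and the XORed padding has an entropy of just 2 bits/byte, which is why a low, bumpy binwalk -E curve on an image that still shows no signatures points at XOR rather than a real cipher.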
firmadyne
In Attify OS go to the firmadyne folder and run the commands from the Usage section of the firmadyne page on GitHub (steps 1-8)
If unsquashfs cannot extract the squashfs, fall back to binwalk -e, which hands non-standard squashfs variants to sasquatch when that is installed
firmadyne database
psql -d firmware -U firmadyne -h 127.0.0.1 --> password for firmadyne: firmadyne (the default from the firmadyne setup)
\dt --> list the tables
select * from image; --> one row per firmware image that has been loaded
\d image --> describe the columns of the image table
ssh -i server.pem root@192.168.0.100 --> give the login name, otherwise ssh uses your local username
before using server.pem fix its permissions; ssh refuses a private key that other users can read
chmod 600 server.pem --> (chmod +x does not fix the "UNPROTECTED PRIVATE KEY FILE" error, the key must not be group/world readable)
telnet 192.168.0.100 --> if the emulated device exposes telnet
IP address related
ifconfig | grep -A 1 eth0 --> the interface line plus the inet line right after it
ifconfig | grep -A 1 eth0 | grep -oE "([0-9]{1,3}\.){3}[0-9]{1,3}" --> just the addresses (the original cut -d " " -f 10 breaks as soon as ifconfig's column spacing differs between versions)
ifconfig | grep -A 1 wlan0 | grep -oP "([0-9]{1,3}\.){3}[0-9]{1,3}"
ip -4 addr show eth0 --> same information on systems where ifconfig is not installed
Nmap command
sudo nmap -O -sV 192.168.0.100 --> OS fingerprint (-O needs root) and service/version detection on the emulated device; add -p- for all 65535 ports, the default scan covers the top 1000 only