Firmware-Mod-Kit Updated, v0.69 Released

For the past month I’ve been working with Jeremy Collake on updating the firmware-mod-kit. This has resulted in lots of bug fixes and the creation of two new scripts for deconstructing and re-building firmware images:


The NG scripts have been designed as more flexible and generic replacements for the current / scripts, and provide many improved features including:

  • The use of binwalk (now included with the firmware-mod-kit) to locate and extract file systems
  • Automatic identification and extraction of firmware footers, such as those used by the TEW-632BRP
  • Automatic identification of the correct SquashFS version and compression to use
  • Support for identifying and patching multiple headers inside a single firmware image.

Usage is simple. To extract a firmware image, run:

$ ./ firmware.bin

The extracted file system will be saved to fmk/rootfs. After modifying the root file system, the new firmware image can be re-built by running:

$ ./

Additionally, several new tools have been added to the kit, including:

  • New un/squashfs utilites
  • New uncramfs utilities
  • crcalc, a tool to update uImage and TRX checksums

The and tools currently support TRX and uImage firmware headers and SquashFS file systems, and should work with most firmware images that use these components. However, they are still in beta testing and should be considered less stable than the older and tools.

As always, tread with caution and use at your own risk!

Bookmark the permalink.

2 Responses to Firmware-Mod-Kit Updated, v0.69 Released

  1. UniCav says:

    Craig, I have been trying to mod a DVR firmware to add a DDNS option to their list. I’m running Slackware. Using fmk 0.99 the filenames have changed (none of the extract_ng or some others exist anymore) so a lot of the threads about using fmk don’t match anymore. I wasn’t able to use the extract utility, it fails on binwalk from it’s sources. I was able to use the current version of binwalk directly on my system and read and then extract the FW file into 3 cramfs images. Then I was able to use uncramfs in fmk to extract those to directories. Found what I was looking for and edited it but I can’t seem to make the connections between the build scripts and threads that exist on using mkcramfs and the recombining the 3 images into a firmware file. I was able to run a simple cramfs command and rebuild that image but all 3 images have to be added to the FW file for use. I’m not sure if there’s an md5sum issue on this either. Any suggestions would be appreciated.

    • UniCav says:

      PS – I edited the extract script to use my system’s binwalk utility and it goes further but then asks me for a password??? It does create the fmk subdirectory but it erases it when the password prompt fails.

Leave a Reply

Your email address will not be published. Required fields are marked *