Binwalk 0.3.8 Release

Binwalk 0.3.8 has just been released. In addition to bug fixes, signature updates and speed improvements, binwalk can now also identify raw executable code for various different architectures using the -A option:

$ binwalk -A soho.bin

DECIMAL   	HEX       	DESCRIPTION
-------------------------------------------------------------
132       	0x84      	MIPSEL function epilogue
144       	0x90      	MIPSEL function epilogue
176       	0xB0      	MIPSEL function epilogue
224       	0xE0      	MIPSEL function epilogue
248       	0xF8      	MIPSEL function prologue
432       	0x1B0     	MIPSEL function epilogue
440       	0x1B8     	MIPSEL function prologue
896       	0x380     	MIPSEL function epilogue
904       	0x388     	MIPSEL function prologue
1548      	0x60C     	MIPSEL function epilogue
1556      	0x614     	MIPSEL function prologue
2128      	0x850     	MIPSEL function epilogue
2136      	0x858     	MIPSEL function prologue
2800      	0xAF0     	MIPSEL function epilogue
2808      	0xAF8     	MIPSEL function prologue
2880      	0xB40     	MIPSEL function epilogue
2888      	0xB48     	MIPSEL function prologue
3172      	0xC64     	MIPSEL function epilogue
...
1830540   	0x1BEE8C  	MIPSEL function epilogue
1830584   	0x1BEEB8  	MIPSEL function epilogue
1830616   	0x1BEED8  	MIPSEL function epilogue
1830748   	0x1BEF5C  	MIPSEL function epilogue
1830800   	0x1BEF90  	MIPSEL function epilogue
1830812   	0x1BEF9C  	MIPSEL function epilogue

Grab the latest release here!

Reverse Engineering Firmware: Linksys WAG120N

The ability to analyze a firmware image and extract data from it is extremely useful. It can allow you to analyze an embedded device for bugs, vulnerabilities, or GPL violations without ever having access to the device.

In this tutorial, we’ll be examining the firmware update file for the Linksys WAG120N with the intent of finding and extracting the kernel and file system from the firmware image. The firmware image used is for the WAG120N hardware version 1.0, firmware version 1.00.16 (ETSI) Annex B, released on 08/16/2010 and is currently available for download from the Linksys Web site.

Continue reading

Binwalk 0.2 Released!

We’ve just released a new version of Binwalk, our open source firmware analysis tool. This release features new firmware signatures and a huge speed increase; scan times for large firmware images went from ~12 hours to less than a minute!

Download Binwalk here.