Reverse-engineering firmware

************************************************** Reverse-engineering firmware **************************************************
https://kavigihan.medium.com/iot-hacking-reversing-a-router-firmware-df6e06cc0dc9
 
1) Check the device and download firmware
2) Analyze file
 
# file <file.bin> // uses headers (if present) to identify what type of file it is
 
3) Check inside
As you can see, right off the bat it tells us that this file is a firmware. Now that we know we are dealing with the right file, let’s go ahead and see what’s inside.
For that you can use a tool called “binwalk”. This will parse through the file and tell us (including the offsets) what that file contains.
 
# binwalk <file.bin> // binwalk parses through file and tells what it contains
// should contain Lzma compressed data and one Squashfs file system section
// decimal numbers on the hexa and decimal numbers of data sections - those are offsets from the start where the data starts
// we need to take the decimal number where the Squashfs starts and add it as input to the next step
 
4) Carving out the data
 
# dd if=<InputFile> bs=<BlockSize> skip=<BytesFromStart> of=<OutputFile.sqfs> // duplicate data from .bin to .sqfs file
# dd if=wr1042nv1_en_3_15_7_up_boot\(130923\).bin bs=1 skip=1180160 of=rootfs.sqfs // example
 
# files <OutputFile.sqfs> // display new file
 
5) Extracting the file system
 
# apt install squashfs-tools // install squashfs-tools to check what is inside the newely created file (good practice)
// hopefully it is a linux distro
 
# sudo unsquashfs rootfs.sqfs // extract the file system into a folder