firmware-mod-kit工具的功能和binwalk工具的类似，其实firmware-mod-kit工具在功能上有调用binwalk工具提供的功能以及其他的固件解包工具的整合。下载firmware-mod-kit工具的源码进入到src目录下就能够看到firmware-mod-kit工具整合了那些固件提取和文件系统解压的工具。firmware-mod-kit工具的功能有固件文件的解包和打包、固件提取文件系统的解压和压缩、DD-WRT Web Pages的修改等，在每个整合的固件分析工具的源码文件夹里都有相关的使用说明。
The Firmware Working Directory
The Firmware Mod Kit uses a 'hard coded' working directory of 'fmk'. The extraction script extracts to this folder, and the rebuild script rebuilds from this folder. Allowance of alternate working directories is supported for some operations, but not all. We'll be expanding that in the future. For now, if you have multiple working directories, we suggest you rename the ones you're not currently operating on.
Automated firmware extraction typically works with most firmware images that employ uImage/TRX firmware headers and use SquashFS or CramFS file systems. Currently, extract-firmware.sh is the preferred method of extraction as it supports more firmware types than the older old-extract.sh script. However, old-extract.sh is still included and works with many firmware formats.
Usage for both extract-firmware.sh and extract_firmware.sh is straight forward:
$ ./extract-firmware.sh firmware.bin
By default, output from extract-firmware.sh will be located in the 'fmk' directory, while old-extract.sh will place extracted data into the specified working directory.
Which build script to use is dependant on which extraction script was used. If you extracted a firmware image with extract-firmware.sh, then you must use build-firmware.sh to re-build it. Likewise, if old-extract.sh was used, then old-build.sh must be invoked when re-building an image:
$ ./build-firmware.sh [-nopad] [-min]
The new firmware generated by build-firmware.sh will be located at 'fmk/new-firmware.bin', while old-build.sh will generate firmware images in several different formats and save them in the specified output directory.
The optional -nopad switch will instruct build-firmware.sh to NOT pad the firmware up to its original size.
The optional -minswitch will use the maximum squashfs block size of 1MB. This will decrease the firmware image size at the cost of additional CPU and RAM resources utilized on the target device. Do not use this switch unless you must. This is a very large block size for embedded systems. The original firmware squashfs block size is preserved on rebuild, and the original block size should be the one used unless you are sure you know what you're doing. Too large a block size may appear to work fine, but runtime performance of the firmware may suffer in all or some loads.
3.3.修改 DD-WRT Web Pages 面
Modifying DD-WRT Web Pages
One very unique feature of the Firmware Mod Kit is its ability to extract and rebuild files from the DD-WRT Web GUI. This is automated by the ddwrt-gui-extract.sh and ddwrt-gui-restore.sh scripts.
Once you have extracted a DD-WRT firmware image using extract-firmwware.sh, you can extract the Web files by running:
This will create a directory named 'www' and extract the Web files there. You may modify the files any way you like, but you cannot add or delete files.
When you are finished editing, you can rebuild the Web files by running:
Reverting to a vendor firmware
Sometimes you'll enthusiastically flash a third-party firmware like Gargoyle or DD-WRT only to discover it lacks features you need, doesn't perform as well as the vendor firmware, or has functional problems. In this situation, you might find yourself wanting to go back to the vendor firmware, but have no way to do so!
Here's how the Firmware Mod Kit can help you revert to a vendor firmware. The process is this:
- Extract vendor firmware. Then rename the 'fmk' directory.
- Extract third-party 'upgrade' firmware (e.g. Gargoyle-sysupgrade)
- Replace extracted third-party firmware's rootfs and image_parts with those from the vendor firmware.
- Rebuild firmware image
- Flash vendor firmware image (now packaged as your third-party firmware expects).
- If all succeeded, you're now using the vendor firmware again.
Once you are back to the vendor firmware, then it accepts vendor firmware images again.
This example demonstrates how to extract a firmware image, replace its existing telnet daemon with a custom built one, and then build a new firmware image:
$ ./extract-firmware.sh firmware.bin
$ cp new-telnetd fmk/rootfs/usr/sbin/telnetd
Below is an example of the commands to run in order to extract a DD-WRT firmware image, modify the Web index page, and build a new firmware image:
$ ./extract-firmware.sh firmware.bin
$ echo "HELLO WORLD" > www/index.asp
Tools / Utilities
The Firmware Mod Kit consists of a collection of tools useful when working with embedded firmware images. These include those listed below, though there are MANY MORE that are not listed here.
| |Tool | Description
| | AsusTRX | An extended version of ASUSTRX that can build both 'normal' TRX files and, optionally, those with an ASUS addver style header appended. It can also, uniquely, force segment offsets in the TRX (with -b switch) for compatibility with Marvell ASUS devices like the WL-530g. This tool replaces both 'normal' trx tool and addver. Current versions included are: 0.90 beta.
| | AddPattern | Utility to pre-pend Linksys style HDR0 header to a TRX.
| | AddVer | ASUS utility to append a header to a TRX image that contains version information. ASUSTRX includes this capability. Current version: unversioned.
| | Binwalk | Scans firmware images for known file types (firmware headers, compressed kernels, file systems, etc.)
| | CramFSCK | CRAMFS file system image checker and extractor. Current versions included are: 2.4x.
| | CramFSSwap | Utility to swap the endianess of a CramFS image
| | CRCalc | Utility to patch all uImage and TRX headers inside a given firmware image.
| | MkSquashFS | Builds a squashfs file system image. Current versions included are: 2.1-r2, 3.0.
| | MkCramFS | Builds a cramfs file system image. Coming in next version. Current versions included are: 2.4x.
| | MotorolaBin | Utility that prepends 8 byte headers to TRX images for Motorola devices WR850G, WA840G, WE800G. Current version: unversioned.
| | Splitter3 | Utility to scan and extract a firmware image's component parts.
| | Tpl-tool | Utility to manipulate TP-Link vendor format images.
| | UnCramFS | Alternate tool to extract a cramfs file system image. Use cramfsck instead whenever possible as it seems to be more reliable. Current versions included are: 0.7 (for cramfs v2.x).
| | UnCramFS-LZMA | Alternate tool to extract LZMA-compressed cramfs file system images, such as those used by OpenRG.
| | UnSquashFS | Extracts a zlib squashfs file system image. Current versions included are 1.0 for 3.0 images and 1.0 for 2.x images (my own blend).
| | UnSquashFS-LZMA | Extracts an lzma squashfs file system image. Current versions included are 1.0 for 3.0 images and 1.0 for 2.x images (my own blend). Note: Not all squashfs-lzma patches are compatible with one another. I'm working on adding support for all common squashfs-lzma variations.
| | UnTRX | Splits TRX style firmwares into their component parts. Also supports pre-pended addpattern HDR0 style headers. This was developed exclusively for this kit. Current versions included are: 0.45.
| | WebDecomp | Extracts and restores Web GUI files from DD-WRT firmware images, allowing modifications to the Web pages.
| | WRTVxImgTool | Utility to generate VxWorks compatible firmware images for the WRT54G(S) v5 series.
- Go Modules 踩坑总结
- go mod tidy报错verifying module: invalid GOSUMDB: malformed verifier id
- gin-vue-admin 使用 go mod ， golang开发工具 提示package gin-vue-admin/core is not in GOROOT
- sarama-cluster消费者运行时报panic: non-positive interval for NewTicker
- mysqlserver 下载安装
- go mod module declares its path as: gtihub.com/xxx-xx but was required as:xx-xx