Cruise, kampani yodziwika bwino paukadaulo woyendetsa galimoto, ma code source source , yomwe imapereka zida zowunikira zithunzi za firmware zochokera ku Linux ndikuzindikira zomwe zingawonongeke komanso kutayikira kwa data. Khodiyo imalembedwa mu Go ndi zololedwa pansi pa Apache 2.0.
Imathandizira kusanthula kwa zithunzi pogwiritsa ntchito ext2/3/4, FAT/VFat, SquashFS ndi mafayilo a UBIFS. Kuti mutsegule chithunzichi, zida zokhazikika zimagwiritsidwa ntchito, monga e2tools, mtools, squashfs-tools ndi ubi_reader. FwAnalyzer imatulutsa chikwatu kuchokera pachithunzichi ndikuwunika zomwe zilimo potengera malamulo angapo. Malamulo amatha kumangirizidwa ku metadata yamafayilo, mtundu wa fayilo, ndi zomwe zili. Zotsatira zake ndi lipoti la mtundu wa JSON, kufotokozera mwachidule zomwe zatulutsidwa kuchokera ku firmware ndi kusonyeza machenjezo ndi mndandanda wa mafayilo omwe sagwirizana ndi malamulo okonzedwa.
Imathandizira kuyang'ana mwayi wopeza mafayilo ndi zolemba (mwachitsanzo, imazindikira mwayi wolembera aliyense ndikuyika UID / GID yolakwika), imatsimikizira kupezeka kwa mafayilo omwe angathe kuchitidwa ndi mbendera ya suid komanso kugwiritsa ntchito ma tag a SELinux, imazindikiritsa makiyi oyiwalika komanso kuthekera. owona zoopsa. Zomwe zili m'munsimu zikuwonetsa mapasiwedi a uinjiniya omwe adasiyidwa ndikuwongolera zomwe zasiyidwa, zikuwonetsa zambiri zamasinthidwe, zimazindikira / zimatsimikizira zida zogwiritsa ntchito ma SHA-256 hashes, ndikusaka pogwiritsa ntchito masks osasunthika komanso mawu okhazikika. Ndizotheka kulumikiza zolemba zakunja za analyzer kumitundu ina ya mafayilo. Kwa firmware yochokera ku Android, zomanga zimatanthauzidwa (mwachitsanzo, kugwiritsa ntchito ro.secure=1 mode, ro.build.type state ndi SELinux activation).
FwAnalyzer itha kugwiritsidwa ntchito kuti muchepetse kusanthula kwazovuta zachitetezo mu firmware ya chipani chachitatu, koma cholinga chake chachikulu ndikuwunika mtundu wa firmware yomwe ili kapena kuperekedwa ndi ogulitsa ma contract a chipani chachitatu. Malamulo a FwAnalyzer amakulolani kuti mupange ndondomeko yolondola ya firmware ndi kuzindikira zolakwika zosavomerezeka, monga kupatsa ufulu wolowera molakwika kapena kusiya makiyi achinsinsi ndi code debugging (mwachitsanzo, kufufuza kumakupatsani mwayi wopewa zinthu monga amagwiritsidwa ntchito poyesa seva ya ssh, password ya engineering, kuti muwerenge /etc/config/shadow or kupanga siginecha ya digito).
Source: opennet.ru