ProHoster > Blog > talafou initaneti > Ua fa'asalalau le fa'ailoga mo le FwAnalyzer firmware security analyzer.

Ua fa'asalalau le fa'ailoga mo le FwAnalyzer firmware security analyzer.

Cruise, o se kamupani fa'apitoa i tekonolosi fa'aautometi, matala tulafono fa'apogai FwAnalyzer, lea e maua ai meafaigaluega mo le suʻesuʻeina o ata firmware faʻavae Linux ma faʻailoaina faʻafitauli faʻaletonu ma faʻamatalaga faʻamaumauga i totonu. O le code o loʻo tusia i le Alu ma tufatufaina e laiseneina i lalo ole Apache 2.0.

Lagolagoina suʻesuʻega o ata e faʻaaoga ai le ext2 / 3/4, FAT / VFat, SquashFS ma UBIFS faila faila. Ina ia tatalaina le ata, o loʻo faʻaaogaina faʻaoga masani, e pei o e2tools, mtools, squashfs-tools ma ubi_reader. FwAnalyzer e aveese mai le laʻau faʻatonu mai le ata ma iloilo mea e faʻatatau i se seti o tulafono. E mafai ona nonoa tulafono i faila metadata, ituaiga faila, ma mea e aofia ai. O le gaioiga o se lipoti i le JSON format, aoteleina faʻamatalaga na maua mai le firmware ma faʻaalia lapataiga ma se lisi o faila e le ogatasi ma tulafono faʻatulagaina.

E lagolagoina le siakiina o aia tatau i faila ma directories (mo se faʻataʻitaʻiga, e iloa ai le tusitusi avanoa mo tagata uma ma seti UID / GID sese), fuafua le i ai o faila faʻapipiʻi ma le fuʻa suid ma le faʻaogaina o pine SELinux, faʻailoa galo faʻailoga faʻailoga ma ono mafai. faila matautia. O mea o lo'o fa'ailoa mai ai upu fa'ainisinia ua lafoa'i ma fa'amaumauga o fa'amaumauga, fa'amanino fa'amatalaga fa'amatalaga, fa'ailoa/fa'amaonia meafaigaluega e fa'aaoga ai le SHA-256 hashes, ma su'esu'ega e fa'aaoga ai matapulepule ma fa'aaliga masani. E mafai ona fa'afeso'ota'i fa'amatalaga su'esu'e fafo i nisi ituaiga faila. Mo le firmware faʻavae Android, faʻapipiʻiina faʻamaufaʻailoga (mo se faʻataʻitaʻiga, faʻaaogaina ro.secure=1 mode, ro.build.type state ma le SELinux activation).

FwAnalyzer e mafai ona faʻaogaina e faʻafaigofie ai le auiliiliga o mataupu tau puipuiga i le firmware a le isi vaega, ae o lona faʻamoemoe autu o le mataʻituina lea o le lelei o le firmware o loʻo umia pe tuʻuina atu e le au faʻatau konekarate lona tolu. O tulafono a le FwAnalyzer e faʻatagaina oe e faʻatupuina se faʻamatalaga saʻo o le firmware state ma faʻamaonia ni suiga e le taliaina, e pei o le tuʻuina atu o aia tatau avanoa poʻo le tuʻuina o ki patino ma le faʻailoga faʻailoga (mo se faʻataʻitaʻiga, siaki e mafai ai ona e aloese mai tulaga e pei o tuulafoaiina faʻaaogaina i le taimi o suʻega o le ssh server, muai faauigaina upu fa'ainisinia, faigofie ona maua e faitau /etc/config/shadow or galo o ki faia o se saini numera).

Ua fa'asalalau le fa'ailoga mo le FwAnalyzer firmware security analyzer.

puna: opennet.ru