Cruise, k'hamphani e sebetsanang le mahlale a ho khanna ka boiketsetso, dikhoutu mohloli oa morero , e fanang ka lisebelisoa tsa ho hlahloba litšoantšo tsa firmware tse thehiloeng ho Linux le ho khetholla bofokoli bo ka bang teng le ho lutla ha data ho tsona. Khoutu e ngotsoe ho Go le e nang le tumello tlas'a Apache 2.0.
E ts'ehetsa tlhahlobo ea litšoantšo tse sebelisang ext2/3/4, FAT/VFat, SquashFS le litsamaiso tsa faele tsa UBIFS. Ho bula setšoantšo, ho sebelisoa lisebelisoa tse tloaelehileng, tse kang e2tools, mtools, squashfs-tools le ubi_reader. FwAnalyzer e hula sefate sa directory ho tsoa setšoantšong ebe e lekola litaba ho latela melao e itseng. Melao e ka amahanngoa le metadata ea tsamaiso ea faele, mofuta oa faele le litaba. Sehlahisoa ke tlaleho ka mokhoa oa JSON, e akaretsa boitsebiso bo nkiloeng ho firmware le litemoso tse bontšang le lethathamo la lifaele tse sa lumellaneng le melao e hlophisitsoeng.
E ts'ehetsa ho lekola litokelo tsa phihlello ho lifaele le li-directory (mohlala, e bona phihlello ea ho ngola bakeng sa motho e mong le e mong mme e beha UID / GID e fosahetseng), e khetha boteng ba lifaele tse ka phethisoang ka folakha ea suid le ts'ebeliso ea li-tag tsa SELinux, e tsebahatsa linotlolo tse lebetsoeng le tse ka bang teng. difaele tse kotsi. Likahare li totobatsa li-password tsa boenjiniere tse lahliloeng le lintlha tsa ho lokisa liphoso, li totobatsa tlhahisoleseling ea mofuta, li supa / netefatsa lisebelisoa tse sebelisang li-hashes tsa SHA-256, le lipatlisiso tse sebelisang limaske tse sa fetoheng le mantsoe a tloaelehileng. Hoa khoneha ho hokahanya mangolo a analyzer a kantle le mefuta e itseng ea lifaele. Bakeng sa firmware e thehiloeng ho Android, li-parameter tsa kaho li hlalosoa (mohlala, ho sebelisoa mokhoa oa ro.secure=1, ro.build.type state le ts'ebetso ea SELinux).
FwAnalyzer e ka sebelisoa ho nolofatsa tlhahlobo ea litaba tsa ts'ireletso ho firmware ea mokha oa boraro, empa sepheo sa eona se seholo ke ho beha leihlo boleng ba firmware eo e leng ea eona kapa e fanoang ke barekisi ba likonteraka tsa mokha oa boraro. Melao ea FwAnalyzer e u lumella ho hlahisa tlhaloso e nepahetseng ea boemo ba firmware le ho khetholla mekhoa e sa amoheleheng, e kang ho fana ka litokelo tse fosahetseng tsa ho fumana kapa ho siea linotlolo tsa poraefete le khoutu ea ho lokisa (mohlala, ho hlahloba ho u lumella ho qoba maemo a kang e sebelisitsoeng sethaleng sa tlhahlobo ea seva sa ssh, password ea boenjiniere, ho bala /etc/config/shadow or popeho ya tshaeno ya dijithale).
Source: opennet.ru