When building the qemu image, there will be a timeout about firmware-analysis-toolkit HOT 9 OPEN

Can you share the firmware binary?

from firmware-analysis-toolkit.

Hi,
@extremecoders-re The binary I used is getting from this link https://support.dlink.com/ProductInfo.aspx?m=DIR-880L ,but this problem only occurs at certain times.
I also meet the problem that I can't get the IP address, I read the log file and find that he is not one of the following three situations.
run.sh is not generated
When I read the log file I find your tool can find the RAM and ROM address from the firmware binary. Can you tell me how you did it?
Thank you very much!!

from firmware-analysis-toolkit.

Stuck on a same issue @extremecoders-re :|
Is it because it's waiting for sudo permissions?

from firmware-analysis-toolkit.

@DerZc I checked the firmware binary. It's for an ARM device, however as per your screenshot its wrongly identified as mipsel. So may be you're using an older version of firmadyne. Here its correctly being identifed as arm.

The proceed anyway (y, N) message you're getting is from these lines in makeImage.sh

echo "----Creating Filesystem----"
mkfs.ext2 "${DEVICE}"
sync

You can temporarily work around the error by forcing it to create the filesystem rather than prompting for user input. mkfs.ext2 -F "${DEVICE}"

Finally, this particular firmware binary DOES have issues with the recent versions of qemu. In my tests here, using an older version, I was able to boot to a terminal.

qemu-system-arm -version  
QEMU emulator version 2.0.0 (Debian 2.0.0+dfsg-2ubuntu1.30), Copyright (c) 2003-2008 Fabrice Bellard

I also meet the problem that I can't get the IP address,

Using an older qemu may work

[+] Building QEMU disk image
[+] Setting up the network connection, please standby
[+] Network interfaces : [('br0', '192.168.0.1'), ('br1', '192.168.7.1')]
[+] Running the firmware finally
[+] command line : sudo /home/oit/tools/firmadyne-new/scratch/1/run.sh

When I read the log file I find your tool can find the RAM and ROM address from the firmware binary. Can you tell me how you did it?

This is done my inspecting the kernel boot log which is the same as you see on screen. This is a part of upstream firmadyne.

@Silipwn Its looks to be waiting on the mkfs.ext2 "${DEVICE}" call.

Overall, I would say this particular firmware does not play well with firmadyne out of the box. You may need to change some of the scripts in order to boot it successfully.

from firmware-analysis-toolkit.

@extremecoders-re Thanks for the help 👍 :)

from firmware-analysis-toolkit.

@extremecoders-re Sorry to bother you again. I use a older QEMU but I also can not get the IP

Can you help me, thank you very much

from firmware-analysis-toolkit.

@extremecoders-re Thank you for your help.
I get the IP address but I can not ping it.

Can you tell me how can I solve this question?

from firmware-analysis-toolkit.

@DerZc Ping doesn't always work. For testing the firmware, all you need is to be able to access the web sever. To this end, I would recommend to edit the run.sh script and change from tap to user-mode networking, using the -redir tcp options. Then you may try to curl/wget/nc to the IP both from your host and within the qemu console.

As you can see, firmadyne doesn't work in all cases out of the box. Emulating a device with qemu will always be experimental and not guaranteed to work every-time unless you are willing to put a lot of effort which includes editing the firmware itself to make it compatible.

In many cases, you can use qemu user mode emulation to run just the webserver for testing. I would recommend this approach as it's a lot easier.

from firmware-analysis-toolkit.

@extremecoders-re I got it, thank you very much.
Can you give me some testcase that are arm arch. I have run some firmware that are arm arch but none of them succeed.

from firmware-analysis-toolkit.